From the course: Android App Security: A Structured Approach to Pen Testing
Unlock the full course today
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
Introduction to drozer - Android Tutorial
From the course: Android App Security: A Structured Approach to Pen Testing
Introduction to drozer
- [Instructor] In this section, we will cover some additional techniques corresponding to dynamic application testing. For that, we will be using Drozer. Drozer is an open source tool by NWR Labs. Although Drozer can be used for multiple activities including defensive as well as offensive. We shall be primarily using it for testing how the target application interacts with other applications on the same device. Drozer uses client-server model in terms of its architecture. It exploits the interprocess communication of the Android OS to exploit the target application. Drozer has two components, the Drozer Console that runs on the work station and the Drozer Agent, which is an apk file that interacts with the target application and is installed on the same device as out target application. As you might have already guessed this is an example of, Interactive Application Security testing or IAST. Using Drozer, we can test…
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.
Contents
-
-
-
-
-
-
-
-
(Locked)
Introduction to drozer1m 25s
-
(Locked)
drozer architecture51s
-
(Locked)
drozer setup4m 13s
-
(Locked)
Sieve application overview2m 23s
-
(Locked)
Basic commands3m 42s
-
(Locked)
Activity testing3m 30s
-
(Locked)
Content provider testing4m 9s
-
(Locked)
Content provider testing: SQL injection4m 22s
-
(Locked)
-