From the course: Android App Security: A Structured Approach to Pen Testing
Unlock the full course today
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
Manifest analysis - Android Tutorial
From the course: Android App Security: A Structured Approach to Pen Testing
Manifest analysis
- [Narrator] MobSF runs a complete analysis which includes static application security testing that is sassed, certain aspects of dust, malware scans and some test cases related to reverse engineering as well. The beauty of MobSF is that it pretty much does 60 to 70 percent of the tasks that you need to perform under Android application penetration testing. If you scroll down a bit, you will see that it tells us about the full application components, that is the activities, services, broadcast receivers and content providers. If you scroll further down you can view or download the reverse engineer Java code for this application. You can also check out the Android manifest file and find out which settings are incorrectly configured. But MobSF does that for us as well. If you just go to the site menu under security analysis, it has an option named manifest analysis. Here it gives me all the information that I need to understand…
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.