This video focuses on understanding why Android application testing is needed and why it happens to be a pain-point for many organizations.
- [Narrator] Before we move on to the next lectures, lets go over what you should know. This course is a comprehensive guide on Android application pen testing so I don't expect you to know what Android application pen testing is. We'll be going over the latest tools, techniques, and frameworks required for the same. Although this course is not about Android development, or Android device hacking. In addition to that this course is not a magic wand, the more you practice the more your skills will improve and the more your art as a penetration tester will increase. So practice is the key. In terms of prerequisites I expect you to have a basic understanding of how Android OS and it's architecture is organized. I expect you to understand how Android applications work in principle. If you don't have development experience that's fine, but you should know your way around what are the components what does manifest find, et cetera. You should have a good working knowledge of Burp Suite and it's tools because there is a specific section of test cases where it will be using Burp Suite in a full blown manor. The tools that I'll be using are Windows 10 as the host OS with 64 gigabits of ram and 3.4 gigahertz of processor. Memu Emulator instead of a physical device I'll be using an emulator. Java version 1.7 and 8. Python version 2.7.10 and Python version 3.6.8. In term of tools and frameworks I'll be using Drozer, Mobile Security Framework, also know as Mob S F, And Burp Suite Community edition. At the time of recording these tools had a specific version so when you're watching this video you might want to go over official documentation, to see what's the version and the dependency requirement of these tools at that point of time. The last ingredient is your complete and hundred percent involvement.
- Web vs. Android security
- Domains of Android security
- Code-level security
- Static application testing with MobSF
- Dynamic application testing with Burp Suite
- Platform interaction testing