NextGen Infosec Training

Android Security for Pentesters

Android Security for Pentesters aims to help students get started with Android application security and pentesting using a step-by-step, hands-on approach to finding vulnerabilities in real world Android applications. After completion of this course you will be able to perform security assessments on Android applications.

Aditya Gupta 
Instructor, Android Security for Pentesters

Question?Promotional Pricing – Enroll Now!

 

Only need the Course Videos? Get all courses at just $39/month

1. What is Android Security for Pentesters?

 

This course is intended for professionals who want to get started with Android Application Security and Pentesting. This is a hands-on course where you will get to reverse Android applications, find security vulnerabilities, perform debugging and API hooking, use tools like Androguard and Drozer, and a lot more.

The course takes examples from real world applications, as well as custom made vulnerable applications to give you an in-depth view of the security issues in Android applications. Once the course is completed, you should be able to take most Android applications, examine them and identify vulnerabilities. It will also serve as a really good starting point, if you want to dig deeper and research more into Android platform security.

This course is useful to security researchers, pentesters as well as Mobile application developers/testers. The training course has been previously run at a number of international security conferences all over the world, and has been very well received. This is the online version of the same class.

 

2. Course Syllabus

A non-exhaustive list of topics to be covered include:
  • Introduction to Android
  • Android Security Architecture
  • Android Permissions
  • Android Application Internals
  • Setting up Genymotion
  • Android Application Components
  • DEX File Analysis
  • Introduction to Android Debug Bridge
  • Logging Based Vulnerabilities
  • Reversing Android Applications
  • Analyzing Android Malwares
  • Analyzing Android Traffic
  • Bypassing SSL Pinning
  • Leaking Content Providers
  • Introduction to Drozer
  • Read based Content Provider vulnerability
  • Advanced Drozer Usage
  • Drozer Scripting
  • Dropbox Content Provider Vulnerability
  • Backup Based Vulnerability
  • Client Side Injection
  • Hooking Introduction and Setting up Insecure Bank
  • Android Debugging with Andbug
  • Debugging with JDB
  • Automated Hooking with Introspy
  • Cydia Substrate and Hooking
  • Xposed Framework and Hooking
  • Analysis and Scripting using AndroGuard
  • Webview Based vulnerabilities
  • Exploiting Webview with Metasploit

 

 

 

Promotional Pricing – Enroll Now!

3. Can I see some sample videos for the course? 

The total duration of the course videos is 4+ HOURS of HD content with Full English Captions. The course is fully hands-on and you will be spending most of the time doing exercises with the instructor.

The course starts from the very basics and slowly takes you to more complicated topics, making it ideal for self-paced learning. Below are a couple of sample videos from the course:

1. Android Security for Pentesters: Course Introduction

2. Android Security for Pentesters: Security Architecture Basics

3. Android Security for Pentesters: DEX Analysis

4. Android Security for Pentesters: Debugging with JDB

5. Android Security for Pentesters: Application Reversing

Promotional Pricing – Enroll Now!

4. What do I get as a registered student? 

A registered student will get the following:

  • HD Download of Course Theory Videos
  • HD Download of Course Exercise Videos
  • Full English Captions of the Videos
  • PDF Slides of the full course
  • All exercise files used in the course
  • Certification Exam
  • PDF copy of certificate if you pass the exam

Please note that there is no student forum associated with this low-priced course.

Promotional Pricing – Enroll Now!

5. How many hours is the content and will it come with captions/subtitles?

4+ hours of video content. Yes, it will have subtitles.

6. Is this Course for Novices or only for Experts?

This course is for both, novices and experts.

 

7. Student Testimonials

Aditya Gupta, the author, has already conducted this course at conferences and private in-person trainings around the world! Here is what his students have to say about the course:

“I have known Aditya now for around 3 years. I recently got a chance to attend his live “Android Exploitation training” at one of the popular security conferences. I was looking for a course to get started with Android Security and Exploitation for one of my upcoming projects. The training did a really nice job in getting everyone started, as well as giving hands-on experience with real world applications, which I think sets this training as one of the best I have attended. After the 2-days of intense Android Exploitation, and identifying vulnerabilities in different kind of android apps, I felt confident enough to start push my security mobile project to the next level.”

– Marius Corîci,
Founder, CTF365 

sushil

“I and my team had an insightful training on pentesting of android apps conducted by Aditya. The training covered various aspects of vulnerabilities in Android apps that developers can often miss to handle. Really good amount of practical and hands-on sessions focusing on reverse engineering and using various tools to exploit the vulnerabilities that existed on popular android apps. Altogether a great training put together, with the content giving a really nice idea on improving android app security.”

 

– Gautam,
Samsung Security

“I have been working with/around Android and iOS application security for a while. Regardless, I thought I would attend Aditya’s training course. The course has helped me feel some of my knowledge gaps around Android and toughed me few new tricks! Thanks, Adi. I would definitely recommend this course to anyone wishing to learn more about the technical aspect of Android and iOS security.”

– Serge,
Application Security Consultant – Melbourne,
Australia

 

 

 

Enroll Now!

 

8. Why Choose SecurityTube Certifications?

Our Certifications are taken by students from over 90+ countries and are Globally recognized. The Flags in the image to the left are countries from where our students belong. In addition, SecurityTube Certifications provide:

  • High Quality Content at an Affordable Cost
  • The most Comprehensive Course Coverage in the Industry
  • Uses Open Content for Course Evaluation
  • Concept Oriented, Practical Content rather than only Theory

 

Promotional Pricing – Enroll Now!

9. Course Instructor

Aditya Gupta  is the founder and trainer of Attify, a mobile security firm, and leading mobile security expert and evangelist. Apart from being the lead developer and co-creator of Android framework for exploitation, he has done a lot of in-depth research on the security of mobile and hardware devices, including Android, iOS, and Blackberry, as well as BYOD Enterprise Security.aditya-profile

He is also the author of the popular Android security book “Learning Pentesting for Android” selling over 10000+ copies, since the time of launch in March 2014. He has also discovered serious web application security flaws in websites such as Google, Facebook, PayPal, Apple, Microsoft, Adobe, Skype, and many more. He has also published a research paper on ARM Exploitation titled “A Short Guide on ARM Exploitation.” In his previous work at Rediff.com, his main responsibilities were to look after web application security and lead security automation. He also developed several internal security tools for the organization to handle the security issues.

He has also previously spoken and trained at numerous international security conferences including Black Hat, Syscan, OWASP AppSec, Toorcon, Clubhack, Nullcon etc, along with many other corporate trainings on Mobile Security.

Enroll Now!

10. Course Enrollment and Payment

 




Buy now with Paypal!

Student Name:
Email:



If you cannot use Paypal, please drop us an email at feedback @ binarysecuritysolutions.com for alternate options for payment.

11. Contact Us

We have compiled a FAQ below:

Click to Expand FAQ…

Please use the form below if you have any additional questions not answered by this page and we will get back to your ASAP:

Enroll Now!