
Train On-Demand
Choose the training you want from 18,000+ videos of instructor-led content. Watch anywhere.
Learn More<br>In this course you will be shown how to perform professional penetration testing activities against Android and iOS mobile applications, by means of reverse engineering, static analysis and dynamic analysis. First you will learn all about the attack surface of Android applications and the techniques to exploit each covered vulnerability (incl. reverse engineering). Specifically, Android OS fundamentals (Android VM, Android security model etc.), build process (APK structure, compiling/signing apps etc.) and how to setup your own testing environment are presented first. Then the part of attacking Android apps commences. Reverse engineering APKs for information gathering, device rooting and the entire attack surface of Android apps are covered in detail so that are aware of what each attack exploits. Mobile application traffic analysis is of course covered (incl. Certificate pinning bypasses). During the static analysis module, you will exploit SQL injection and path traversal vulnerabilities, as well as vulnerable activities, vulnerable receivers, vulnerable services and insecure shared preferences among others. Finally, during the dynamic analysis module you will leverage ADB in order to achieve live debugging and database interaction for exploitation purposes. Be reminded that you will have the opportunity to develop several malicious Android applications during this journey.</br> <br>This course is part of the Mobile Application Penetration Testing Professional Learning path which prepares you for the eMAPT exam and certification</br>
Instructor for this course
Anthony Trummer
Android Architectures - Study Guide
Introduction to MASPT
Android Security Module
Android Introduction
Setting up a Testing Environment - Study Guide
Android Studio
Android Build Process - Study Guide
Reversing APKs - Study Guide
Reversing Applications
Smali
Device Rooting - Study Guide
Android Application Fundamentals - Study Guide
Network Traffic - Study Guide
Proxy Configuration and Certificate Validation
Device and Data Security - Study Guide
Tapjacking - Study Guide
Tapjacking
Static Code Analysis - Study Guide
QARK
Content Providers
Dynamic Code Analysis - Study Guide
ADB and Dynamic Analysis
Take your technical training into your own hands and stay engaged with our learn-by-doing platform where you can put your skills to the test with hands-on exercises, quizzes, and labs.
Choose the training you want from 18,000+ videos of instructor-led content. Watch anywhere.
Learn MoreINE quizzes, labs, projects, and exercises help reinforce your knowledge.
Learn MoreOrganized training helps guide you through the most relevant subjects for certification prep.
Learn MoreWe add new courses and learning materials to the platform weekly so you're always up-to-date.
Learn MoreIf you have a question you don’t see on this list, please visit our Frequently Asked Questions page by clicking the button below.
If you’d prefer getting in touch with one of our experts, we encourage you to call one of the numbers above or fill out our contact form.
Do you offer training for all student levels?