🚩 Android AppSec
We (@hpAndro and @_RaviRamesh) spend a lot of time attacking android app hacking, breaking encryption, finding bussiness logic flaws, penetration testing, and looking for sensitive data stored insecurely.
We do it for the right reasons - to help developers make their apps more secure.The best way to verify that your app follows secure mobile development best practices is to perform security assessments of the app, which can include automated mobile app security testing, fuzzing, manual penetration testing, and more.
This application represents some of the knowledge we share with infosec community. We are trying to build vulnerable application based on OWASP Mobile Security Testing Guide.Our initial planning is build application based on following topics.
- 🍥 Platform Overview 🍪 Android Basic Security Testing 🍫 Data Storage on Android 🍩 Android Cryptographic APIs 🍨 Local Authentication on Android 🍧 Android Network APIs 🍰 Android Platform APIs 🍷 Code Quality and Build Settings 🎂 Tampering and Reverse Engineering 🍭 Android Anti-Reversing Defenses