ANDROID APPLICATION SECURITY TESTING The ubiquity of the Android mobile platform and growing threats to mobile applications calls for increased vigilance on the part of organizations developing Android software applications.This course will focus on the techniques and tools for testing the security of Android mobile applications. During this course the students will learn about important topics such as the Android Security model, the Android runtime, how to perform static analysis, traffic manipulation, memory dumps, debugging , code modification and dynamic analysis – from zero knowledge of the APK to full exploitation. Students of this course will learn how to operate and make the best of the AppUse custom VM for Android application penetration testing, from its own creators. By taking this course you will be able to perform penetration testing on Android mobile applications and expose potential vulnerabilities in the tested application such as insecure storage, traffic manipulation, malicious intents, authentication and authorization problems, client side SQLi, bad cryptography, and more. THIS COURSE Introduces the Android application framework and major software components involved in Android programming. Introduces Android security controls as well as discusses potential security gaps. Provides guidance on analyzing, reverse engineering, and decompiling Android applications. Reviews an Android mobile security case study. Includes hands-on lab exercises on penetration testing and reverse engineering an Android application. OBJECTIVES OF THE COURSE Understand the Android application threat landscape. Perform penetration testing on android mobile apps. Identify vulnerabilities and exploit them – from zero knowledge of the APK to full exploitation. Operate AppSec Labs’ unique AppUse customized VM for android pen-testing. REQUIREMENTS Before attending this course, students should be familiar with: Common security concepts Basic knowledge of the Linux OS Development background and basic knowledge of the Android development platform.