Preface
[ 2 ]
Chapter 3, Reversing and Auditing Android Apps, covers some of the methods and
techniques that are used to reverse the Android applications. It will also discuss
different tools, which could help a penetration tester in Android application
auditing. Also, it will list the various kinds of vulnerabilities existing in Android
applications, (the ones that put the user's data at risk).
Chapter 4, Trafc Analysis for Android Devices, covers the interception of trafc in
applications on the Android device. It explains both the active and passive ways
of intercepting the trafc, as well as intercepting both HTTP and HTTPS network
trafc. It will also look at how to capture trafc and analyze its services as one of the
most useful steps for application auditing on the Android platform.
Chapter 5, Android Forensics, starts with a basic walkthrough of Android Forensics,
and takes the reader through various techniques of data extraction on Android-based
smartphones. It will cover both logical and physical acquisition of forensic data,
as well as the tools that could ease the process of data extraction.
Chapter 6, Playing with SQLite, helps the reader to gain an in-depth knowledge of the
SQLite databases used by Android to store data. Often, due to the mistakes made
by developers, the SQLite query accepts unsanitized input, or is not used without
proper permissions, which leads to injection attacks.
Chapter 7, Lesser-known Android Attacks, covers various lesser-known techniques
helpful in Android penetration testing. It will include topics such as WebView
vulnerabilities and exploitation, infecting legitimate applications, and cross
application scripting.
Chapter 8, ARM Exploitation, allows readers to gain introductory exploitation
knowledge about the ARM platform on which most smartphones run today.
Readers will learn about ARM assembly, as well as exploiting Buffer Overows,
Ret2Libc, and ROP.
Chapter 9, Writing the Pentest Report, provides a short walkthrough on how to
write reports to audit an Android application. It takes the reader through various
components of a pentesting report one-by-one, and nally helps them build a
penetration testing report.
What you need for this book
In order to follow this book, you will need to have the following software tools in
your computer. Also, a step-by-step walkthrough of how to download and install
the tools will be provided in the chapter, wherever required.
www.it-ebooks.info
我的内容管理
展开
