Android Tutorials

[sirp]

Hacking Android Apps Using Backup Techniques

http://resources.infosecinstitute.com/android-hacking-security-part-15-hacking-android-apps-using-backup-techniques/

Cracking Android App Binaries

http://resources.infosecinstitute.com/android-hacking-security-part-17-cracking-android-app-binaries/

Android Application hacking with Insecure Bank Part 4

http://resources.infosecinstitute.com/android-application-hacking-with-insecure-bank-part-4/

Android Application hacking with Insecure Bank – Part 3

http://resources.infosecinstitute.com/android-application-hacking-with-insecure-bank-part-3/

Android Application hacking with Insecure Bank Part 2

http://resources.infosecinstitute.com/android-application-hacking-insecure-bank-part-2/

Android Application hacking with Insecure Bank Part 1

http://resources.infosecinstitute.com/android-application-hacking-insecure-bank-part-1/

Understanding Disk Encryption on Android and iOS

http://resources.infosecinstitute.com/understanding-disk-encryption-android-ios/

Getting Started with Android Forensics

http://resources.infosecinstitute.com/getting-started-android-forensics/

Penetration Testing Apps for Android Devices

http://resources.infosecinstitute.com/pen-test-apps-android-devices/

Android Hacking and Security, Part 3: Exploiting Broadcast Receivers

http://resources.infosecinstitute.com/android-hacking-security-part-3-exploiting-broadcast-receivers/

Android Hacking and Security, Part 2: Content Provider Leakage

http://resources.infosecinstitute.com/android-hacking-security-part-2-content-provider-leakage/

Android Hacking and Security, Part 1: Exploiting and Securing Application Components

http://resources.infosecinstitute.com/android-hacking-security-part-1-exploiting-securing-application-components/

Android Application Security Testing Guide: Part 2

http://resources.infosecinstitute.com/android-app-sec-test-guide-part-2/

Android Application Security Testing Guide: Part 1

http://resources.infosecinstitute.com/android-application-security-testing-guide-part-1/

Exploiting Debuggable Android Applications

http://resources.infosecinstitute.com/android-hacking-security-part-6-exploiting-debuggable-android-applications/

Android App Permissions and Security: What You Need to Know

http://resources.infosecinstitute.com/android-app-permissions-security-need-know/

Security and Hacking apps for Android devices

http://resources.infosecinstitute.com/security-hacking-apps-android/

Android Forensics: Cracking the Pattern Lock Protection

http://resources.infosecinstitute.com/android-forensics-cracking-the-pattern-lock-protection/

Sniffing Network Traffic on Android

http://resources.infosecinstitute.com/sniffing-network-traffic-android/

Creating a kewl and simple Cheating Platform on Android

https://deepsec.net/docs/Slides/2014/Creating_a_kewl_and_simple_Cheating_Platform_on_Android_-_Milan_Gabor-Danijel_Grah.pdf

Racing with DROIDS

http://2014.zeronights.org/assets/files/slides/racingwithdroids.pdf

Steroids for your App Security Assessment

http://2014.zeronights.org/assets/files/slides/grassi.pdf

Hey, we catch you - dynamic analysis of Android applications

https://pacsec.jp/psj14/PSJ2014_Wenjun_Hey- We Catch You - Dynamic Analysis of Android Applications.pdf

An Infestation of Dragons: Exploring Vulnerabilities in the ARM TrustZone Architecture

https://pacsec.jp/psj14/PSJ2014_Josh_PacSec2014-v1.pdf

Making Android's Bootable Recovery Work For You

http://matasano.com/research/eko2014_recovery.pdf

Mobile Hacking – Reverse Engineering the Android OS

http://www.slideshare.net/EC-Council/hacker-halted-2014-reverse-engineering-the-android-os

MAN IN THE BINDER: HE WHO CONTROLS IPC, CONTROLS THE DROID

https://www.blackhat.com/docs/eu-14/materials/eu-14-Artenstein-Man-In-The-Binder-He-Who-Controls-IPC-Controls-The-Droid.pdf

Hide Android Applications in Images

https://www.blackhat.com/docs/eu-14/materials/eu-14-Apvrille-Hide-Android-Applications-In-Images.pdf

BREAKING “SECURE” MOBILE APPLICATIONS

http://conference.hitb.org/hitbsecconf2014kul/materials/D2T1 - Dominic Chell - Breaking Secure Mobile Applications.pdf

TACKYDROID: Pentesting Android Applications in Style

http://conference.hitb.org/hitbsecconf2014kul/materials/D2T2 - Chris Liu and Matthew Lionetti - TackyDroid.pdf

Android Forensics: The Joys of JTAG

https://ruxcon.org.au/assets/2014/slides/tty0x80-Ruxcon Presentation-12th-October-2014-for-release.pdf

Enter The Snapdragon!

https://www.hacktivity.com/en/downloads/archives/319/

A distributed approach to malware analysis

https://speakerdeck.com/nviso/a-distributed-approach-to-malware-analysis-brucon-0x06-daan-raman

Bypassing wifi pay-walls with Android

http://www.slideshare.net/rootedcon/pau-olivafora-rootedcon2014

Play Flappy Bird while you pentest Android in style

http://hitcon.org/2014/downloads/P1_10_Chris Liu - Matthew Lionetti - TackyDroid Slides.pptx

On the Feasibility of Automa3cally Generating Android Component Hijacking Exploits

http://hitcon.org/2014/downloads/P1_09_Daoyuan Wu - On the Feasibility of Automatically Generating Android Component Hijacking Exploits.pdf

Peeking into Your App without Actually Seeing it: UI State Inference and Novel Android Attacks

https://www.usenix.org/system/files/conference/usenixsecurity14/sec14-paper-chen.pdf

ASM: A Programmable Interface for Extending Android Security

https://www.usenix.org/system/files/conference/usenixsecurity14/sec14-paper-heuser.pdf

Android Packers:Separating from the pack

http://www.fortiguard.com/paper/Android-Packers--Hacktivity2014/

Sprobes: Enforcing Kernel Code Integrity on the TrustZone Architecture

http://mostconf.org/2014/slides/s2p3-slides.pdf

A Systematic Security Evaluation of Android's Multi-User Framework

http://mostconf.org/2014/slides/s3p3-slides.pptx

Enter Sandbox: Android Sandbox Comparison

http://mostconf.org/2014/slides/s3p1-slides.pdf

Exploiting the Bells and Whistles: Uncovering OEM Vulnerabilities in Android

http://thecobraden.com/uploads/Valletta - CarolinaCon X - Exploiting the Bells and Whistles.pdf

Execute this! Looking into code-loading techniques on Android

http://warsaw2014.honeynet.org/slides/honeynet2014-day1-Sebastian.pdf

Post-Mortem Memory Analysis of Cold-Booted Android Devices

http://www.homac.de/publications/Post-Mortem-Memory-Analysis-of-Cold-Booted-Android-Devices-slides.pdf

Tricks for image handling in Android

http://www.slideshare.net/tyronenicholas/devoxx-images-android

Pentesting Android Applications

http://www.slideshare.net/clviper/pentesting-android-applications

Rage Against the Virtual Machine: Hindering Dynamic Analysis of Android Malware

http://www.syssec-project.eu/m/documents/eurosec14/RATVM.pdf

Pre-installed Android application poisoning

https://speakerdeck.com/owaspjapan/pre-installed-android-application-poisoning-number-appsecapac2014

AirBag: Boosting Smartphone Resistance to Malware Infection

http://yajin.org/papers/ndss14_airbag.pdf

SMV-Hunter: Large Scale, Automated Detection of SSL/TLS Man-in-the-Middle Vulnerabilities in Android Apps

https://www.utdallas.edu/~zxl111930/file/NDSS14b.pdf

AppSealer: Automatic Generation of Vulnerability-Specific Patches for Preventing Component Hijacking Attacks in Android Applications

http://sycurelab.ecs.syr.edu/~mu/AppSealer-ndss14.pdf

Execute This! Analyzing Unsafe and Malicious Dynamic Code Loading in Android Applications

https://anonymous-proxy-servers.net/paper/android-remote-code-execution.pdf

DREBIN: Effective and Explainable Detection of Android Malware in Your Pocket

http://filepool.informatik.uni-goettingen.de/publication/sec//2014-ndss.pdf

Reverse Engineering, Pentesting and Hardening of Android Apps

https://speakerd.s3.amazonaws.com/presentations/25bc54e0728001318b20063debaef239/DroidconIT2014.pdf

Predatory Hacking of Mobile: Real Demos

http://www.rsaconference.com/writable/presentations/file_upload/mbs-w03-predatory-hacking-of-mobile-real-demos-v2.pdf

Touchlogger on iOS and Android

http://www.rsaconference.com/writable/presentations/file_upload/mbs-w01-touchlogger-on-ios-and-android-v2.pdf

Beginners Guide to Reverse Engineering Android Apps

http://www.rsaconference.com/writable/presentations/file_upload/stu-w02b-beginners-guide-to-reverse-engineering-android-apps.pdf

Mobile Analysis Kung Fu, Santoku Style

http://www.rsaconference.com/writable/presentations/file_upload/anf-w03-mobile-analysis-kung-fu-santoku-style_v2.pdf

Android FakeId Vulnerability

https://bluebox.com/technical/blackhat-fake-id-talk-material-and-follow-up/