Android Humla

Speaker(s): 
sneha's picture
Sneha
Rajguru
Security Consultant
Payatu Technologies Pvt.Ltd.

I work as a security consultant at Payatu Technologies.

A Certified Ethical Hacker and a Licensed Penetration Tester from EC Council.

Member of Null - The open security community, presented talks on various information security related topics and have also conducted hands-on sessions on web application and mobile security. Have provided training on web security and ethical hacking. 

 

 

 

 

 

FAS ID: 
snehraj
rutwij's picture
Rutwij
Kulkarni
Security Consultant
Payatu Technologies Pvt. Ltd.
FAS ID: 
rutwij
Bio: 

Sneha: I work at Payatu Technologies Pvt.Ltd. A Certified Ethical Hacker and a Licensed Penetration Tester from EC Council. Also an active member of null Pune Chapter and have presented talks on various information security related topics during the local null meets(Pune chapter). I have also conducted and attended various seminars/workshops on web security and ethical hacking and also on mobile application security and secure coding.Conducted CTF (Capture the flag) challenges and related workshops.My area of interest lies in Web application and mobile application security,fuzzing, Artificial Intelligence, playing at bug bounty programs. Rutwij: Security Consultant @ Payatu Technologies Pvt. Ltd, Pune. Responsible for performing security assessments of Android/ iOS/ Windows phone/ tablet applications. Active null Pune member. Interest lies in Mobile device security research, mobile application security research, Artificial Intelligence, Neural networks and stuff, conducting and attending technical workshops and conferences, bug bounty programmes, robotics, knowledge gaining and sharing. Non professional interests are trekking, sports, mentoring students at academic level. Cya'll @ FUDCon ! Cheers !

  1. Android Introduction
  2. Android Architecture
  3. Android File system
  4. Android Security & Kernel
    • Linux kernel based protections
    • Android OS specific protections
  5. Permission modules
  6. Application Components
    • Activities
    • Intents
    • Services
    • AndroidManifest.xml
  7. Reverse engineering
    • Dex2jar
    • Jd-gui
    • Apktool
    • Smali/Baksmali
  8. ADB- Android Debug Bridge
  9. SSL pinning bypass
  10. Signing applications for android
  11. Penetration testing
    • Burp suite (proxy)
    • Drozer
    • Application hooking using Introspy.
    • Exploiting android using Metasploit.
  12. Application analysis
    • Analyze data at rest
    • Intercept data
  13. OWASP Top 10
  14. Mobile forensics
  15. Reporting Bugs

Pre-requisites:

  1. Laptop: Linux environment preferred (BYOD).
  2. Comfortable with android smartphone or tablet.
  3. Basic Linux and ADB commands.
  4. Self-learning and an enthusiastic attitude.
  5. Rooted android devices/ emulators.

Note: All other tools/apps will be provided during training hours.

Session Track: 
Workshop
Session Time Slot(s): 
Experience level: 
Intermediate