Scribd
Upload
306 views1 page

Android Security Roadmap

This document provides an overview of key concepts in Android security including encryption, hashing, cryptography, networking, permissions, application components, server interaction, static and dynamic analysis, and debugging. It covers topics like encryption algorithms, the Android architecture, application permissions, interacting with servers, analyzing APK files, and debugging tools.

Uploaded by

pushpeshkarki
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
306 views1 page

Android Security Roadmap

This document provides an overview of key concepts in Android security including encryption, hashing, cryptography, networking, permissions, application components, server interaction, static and dynamic analysis, and debugging. It covers topics like encryption algorithms, the Android architecture, application permissions, interacting with servers, analyzing APK files, and debugging tools.

Uploaded by

pushpeshkarki
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 1

Android-Security

Encryption
Java
Hashing
Kotlin
MAC Cryptography
XML
RSA Programing languages
Prerequisites 0 C / C++
AES
Smali

Assembly

OCI Model Linux Kernel

TCP / IP HAL

DNS Native Library


Networking Architecture Layes
HTTP Android Runtim

SSL / TLS Java API

Proxy System App

IPC File

binder Sqlite
Android Design & Architecture 1
Storage Database Room
Dalvik VM
Realm

SandBoxing Sharedprefrence

User & group


protection levels
Explicit
Filesystem / Partition
Implicit
Intent 2 Permissions Aplication level
Intent Filter

Deep Link Custom Permission

Android Architecture Components Component Level


Cryptography

Navigation Manifest

Interacting with Other Apps


Activity
User Interface 3 Application Components
Service
Images and graphics
Core Api
Audio & Video Content Provider

background processing
Broadcast Reciever
App data and files

Touch and input

Sensors

Connectivity

SSL Pinning Confidentiality & Authentication

Certificate Validation Server Interaction 4

OkHttp

SSL / TLS Implementation HTTP Library Volley

Retrofit

Proxy & Sniffer for HTTP Traffic

Burp Suite

APK Development Process

APK Structure

Decompiling
Decompiling

Disassembling Native Code JADX

Ghidra / IDA
5 Static Analysis APKtool

Code Patching

ADB

Genymotion

AVD Emulator

Bluestack
Virtual-machine
Debuging
Detection / Bypass SSL-pin

Rooting
Hooking

Stack trace Dynamic Analysis 6


Frida

Drozer

Objection
Tools
Xposed

RMS

MOBSF

7 Common Attacks

Insecure Logs

Permission Issue
Webview Issue

Insecure Data Storage

Insecure Data Transmission


Insecure IPC

You might also like