In this chapter, we focus on pen testing the Android platform and applications. We start by covering penetration methodology, discussing how to obtain details on the Android operating system. We then turn to pen testing Android applications and discuss security for Android applications. Towards the end, we talk about relatively newer issues (including storage on clouds) and patching. Finally, we showcase recent security issues for Android applications.
The reader should now be familiar with Android architecture (covered in Chapter 2), Android application basics (building blocks, frameworks; covered in Chapter 3), and Android permissions and security models (covered in Chapter 4).