Chapter 6. Full Steam Ahead – Attacking Android Applications
The strategy of attacking is to allow your enemy to make mistakes.
In this chapter, we will be breaking down all of the facts that we need to start attacking and penetration testing Android applications. Each tool that was covered in the previous chapters will be put to good use by us referencing them and what they can do for a given vulnerability. The chapter will discuss all the top 10 OWASP mobile application vulnerabilities and how to attack Android apps and their given weaknesses, with examples. The reader should walk away with knowledge of the following:
- Attacking Android components
- Attacking Android WebViews
- Assessing implementation vulnerabilities
- Abusing web traffic for MitM attacks ...