The Complete Guide to Android Bug Bounty Penetration Tests

The Complete Guide to Android Bug Bounty Penetration Tests

by Scott Cosentino
Released February 2021
Publisher(s): Packt Publishing
ISBN: 9781801077774

Read it now on the O’Reilly learning platform with a 10-day free trial.

O’Reilly members get unlimited access to books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Video description

An app is often vulnerable to many attacks. Revealing vulnerabilities in applications and networks, testing cyber defense capabilities, and monitoring penalties are just a few among the many reasons why penetration testing is so important. With this in mind, this course introduces you to an array of tools that will help you test a vulnerable Android app.

To identify vulnerability issues, we will use popular tools such as Drozer and the Burp Suite. To decompile the code, you will use tools Dex2Jar and Jadx. However, decompiling the code is not possible for closed third-party apps; in such cases, you will have to reverse-engineer the code, and for this, you will learn how to use the Android Debug Bridge.

By the end of the course, you will be able to simulate an attack on any Android application and exploit its vulnerabilities.

What You Will Learn

  • Intercept traffic between the app and the server using the Burp Suite
  • Identify vulnerabilities by reading the source codes
  • Identify access control issues
  • Exploit broadcast receivers using Drozer
  • Use Jadx to produce Java source code from Android Dex and APK files

Audience

This course is ideal for Android developers looking to secure their applications and Bug Bounty participants looking to target Android apps. People looking to expand their knowledge of computer security will also find this course useful.

About The Author

Scott Cosentino: Scott Cosentino is a software developer and teacher currently working in computer security. Scott has worked extensively with both low- and high-level languages, working on operating system- and enterprise-level applications. Scott has a passion for teaching and currently writes and creates videos on computer security and other programming topics. He has developed an extensive library of courses and has taught over 45,000 students through courses with Udemy, Packt, and CodeRed. He maintains a blog on Medium, and is active on YouTube and LinkedIn, where he enjoys creating content and interacting with students.

Publisher resources

Download Example Code

Product information

  • Title: The Complete Guide to Android Bug Bounty Penetration Tests
  • Author(s): Scott Cosentino
  • Release date: February 2021
  • Publisher(s): Packt Publishing
  • ISBN: 9781801077774