Android Pentest 101

A curated list of Android Security materials and resources For Pentesters and Bug Hunters. This Repository will guide you on How to start with Android pentesting from scratch, enjoy it!!

Basics

Android Application Framework: Beginner’s Guide :
https://www.hackingarticles.in/android-application-framework-beginners-guide/
How Android OS Starts You Application :
https://proandroiddev.com/android-internals-101-how-android-os-starts-you-application-e1c98a014c05
The internals of Android APK build process :
https://medium.com/androiddevnotes/the-internals-of-android-apk-build-process-article-5b68c385fb20
Android Architecture :
https://payatu.com/blog/amit/Need-to-know-Android
Java for Android :
https://www.youtube.com/watch?v=fis26HvvDII
Environment setup for Android Pentesting:
1. Use Mobexler for tools :
  https://mobexler.com/setup.htm
2. Emulator and Burpsuite Setup:
  - Genymotion:
    https://www.arridae.com/blogs/setting-up-an-android-pt-environment.php
  - Nox Player:
    https://medium.com/swlh/android-mobile-penetration-testing-lab-dfb8ceb4efbd
Understand Owasp Top 10:
- Using DIVA
  - Simple level :
    https://danishzia.medium.com/diva-android-app-walkthrough-bce72b7f273a
  - Code level :
    https://reversingbinaries.in/diva-apk-analysis/
- Aditya Agarwal Writeups (Go through all)
  https://manifestsecurity.com/android-application-security/
Understand the working of tools:
APK Reversing
- Apk Reverse Engineering :
  https://www.hackingarticles.in/android-penetration-testing-apk-reverse-engineering/
- APK Reversing (Part 2) :
  https://www.hackingarticles.in/android-penetration-testing-apk-reversing-part-2/
- Solve InjuredAndroid CTF :
  https://github.com/B3nac/InjuredAndroid
Exploiting Insecure Firebase Database! :
https://blog.securitybreached.org/2020/02/04/exploiting-insecure-firebase-database-bugbounty/
Dumping Android application memory with fridump :
https://securitygrind.com/dumping-android-application-memory-with-fridump/
Android App Security & Testing :
https://infosecwriteups.com/android-app-security-testing-156a052ce7e8

Intermediate

Understand SSL Pinning Implementation and it's bypass :
https://redhuntlabs.com/ultimate-guide-to-android-ssl-pinning-bypass
Understand Root Detection Implementation and it's bypass :
- Using frida:
  https://redfoxsec.com/blog/android-root-detection-bypass-using-frida/
- Using Reverse engineering APK :
  https://resources.infosecinstitute.com/topic/android-root-detection-bypass-reverse-engineering-apk/
- Using Xposed :
  https://medium.com/@cintainfinita/android-how-to-bypass-root-check-and-certificate-pinning-36f74842d3be
- Using Magisk:
  https://techviral.net/bypass-apps-root-detection-android/
- Comparison of Different Android Root-Detection Bypass Tools:
  https://medium.com/secarmalabs/comparison-of-different-android-root-detection-bypass-tools-8fd477251640
Intent Redirection, Intent spoofing and intent interception
- Penetrate the Protected Component in Android Part -1 :
  https://payatu.com/blog/amit/Penetrate_the_protected_component_in_android_Part-0
- Penetrate the Protected Component in Android Part -2 :
  https://payatu.com/blog/amit/Penetrate_the_protected_component_in_android_Part-2
WebView Attacks :
https://www.hackingarticles.in/android-penetration-testing-webview-attacks/
Drozer :
https://www.hackingarticles.in/android-penetration-testing-drozer/
Android App Reverse Engineering 101 :
https://www.ragingrock.com/AndroidAppRE/
Frida :
- Workshop on Frida :
  https://www.youtube.com/watch?v=Bwf3eyU-hi4
- Sharpening your FRIDA scripting skills with Frida Tool :
  https://blog.securelayer7.net/sharpening-your-frida-scripting-skills-with-frida-tool/
- Andromeda- GUI based Dynamic Instrumentation Toolkit powered by Frida :
  https://www.youtube.com/watch?v=qOEaA2CNNmUhttps://blog.securelayer7.net/sharpening-your-frida-scripting-skills-with-frida-tool/
- Configuring Frida with BurpSuite and Genymotion to bypass Android SSL Pinning :
  https://arben.sh/bugbounty/Configuring-Frida-with-Burp-and-GenyMotion-to-bypass-SSL-Pinning/
- Frida's Gadget Injection on Android: No Root, 2 Methods
  https://fadeevab.com/frida-gadget-injection-on-android-no-root-2-methods/
- Exploration of Native Modules on Android with Frida :
  https://payatu.com/blog/amit/explore_android_native_modules_using_frida
Exploiting Android Fingerprint Authentication :
https://medium.com/@ashishf6/exploiting-android-fingerprint-authentication-25dd9263bd74
Bypass of Biometrics & Password Security Functionality For android :
https://infosecwriteups.com/bypass-of-biometrics-password-security-functionality-for-android-8e0174ac7cac
Android Hooking and SSLPinning using Objection Framework :
https://www.hackingarticles.in/android-hooking-and-sslpinning-using-objection-framework/
Android Security Tools :
https://reconshell.com/android-security-resources/

Mind Map

Advance

Go deeper in what you have learned till now ... There are lot's of material avaialble on internet to learn from. I will mention some of them which will help you to move further.

Mobile Application Penetration Testing Cheat Sheet :
https://github.com/tanprathan/MobileApp-Pentest-Cheatsheet
Awesome-Android-Security :
https://github.com/saeidshirazi/awesome-android-security
AllThingsAndroid :
https://github.com/jdonsec/AllThingsAndroid
awesome-mobile-security :
https://github.com/vaib25vicky/awesome-mobile-security
Android-Pentesting :
https://github.com/pollonegro/Android-Pentesting

Contributions

Your contributions are always welcome!

If you want to contribute to this list (please do), send me a pull request or contact me @AnubhavSingh_

Support

Love it? Buy me a Tea when you meet me outside (preferred) 🥤 or via

dn0m1n8tor/AndroidPentest101