
Learning pentesting for Android devices : a practical guide to learning penetration testing for Android devices and applications / Aditya Gupta ; foreword by Elad Shapira ; cover image by Michal Jasej




Author: Gupta, Aditya
Title: Learning pentesting for Android devices : a practical guide to learning penetration testing for Android devices and applications / Aditya Gupta ; foreword by Elad Shapira ; cover image by Michal Jasej
Publication: Birmingham, England : Packt Publishing, 2014
©2014
Physical description: 1 online resource (154 p.)
Discipline: 005.3
Topical subject: Application software - Design
Application software - Development
Computer networks - Security measures
Person (secondary responsibility): Shapira, Elad
Jasej, Michal
General notes: Description based upon print version of record.
Contents note: Cover; Copyright; Credits; Foreword; About the Author; Acknowledgments; About the Reviewers; www.PacktPub.com; Table of Contents; Preface; Chapter 1: Getting Started with Android Security; Introduction to Android; Digging deeper into Android; Sandboxing and the permission model; Application signing; Android startup process; Summary; Chapter 2: Preparing the Battlefield; Setting up the development environment; Creating an Android virtual device; Useful utilities for Android Pentest; Android Debug Bridge; Burp Suite; APKTool; Summary; Chapter 3: Reversing and Auditing Android Apps;
Android application teardown; Reversing an Android application; Using Apktool to reverse an Android application; Auditing Android applications; Content provider leakage; Insecure file storage; Path traversal vulnerability/local file inclusion; Client-side injection attacks; OWASP top 10 for mobile; Summary; Chapter 4: Traffic Analysis for Android Devices; Android traffic interception; Ways of Android traffic analysis; Passive analysis; Active analysis; HTTPS Proxy interception; Other ways for SSL Traffic interception; Extracting sensitive files from packet capture; Summary;
Chapter 5: Android Forensics; Types of forensics; Filesystems; Android filesystem partitions; Using dd to extract data; Using a custom recovery image; Using Andriller to extract an application's data; Using AFLogical to extract contacts, calls, and text messages; Dumping application databases manually; Logging the logcat; Using backup to extract an application's data; Summary; Chapter 6: Playing with SQLite; Understanding SQLite in depth; Analyzing a simple application using SQLite; Security vulnerability; Summary; Chapter 7: Lesser-known Android Attacks; Android WebView vulnerability;
Using WebView in the application; Identifying the vulnerability; Infecting legitimate APKs; Vulnerabilities in ad libraries; Cross Application Scripting in Android (XAS); Summary; Chapter 8: ARM Exploitation; Introduction to ARM architecture; Execution modes; Setting up the environment; Simple stack-based buffer overflow; Return-oriented programming; Android root exploits; Summary; Chapter 9: Writing the Pentest Report; Basics of a penetration testing report; Writing the pentest report; Executive summary; Vulnerabilities; Scope of the work; Tools used; Testing methodologies followed;
Recommendations; Conclusion; Appendix; Summary; Index
Summary: This is an easy-to-follow guide, full of hands-on and real-world examples of applications. Each of the vulnerabilities discussed in the book is accompanied with the practical approach to the vulnerability, and the underlying security issue. This book is intended for all those who are looking to get started in Android security or Android application penetration testing. You don't need to be an Android developer to learn from this book, but it is highly recommended that developers have some experience in order to learn how to create secure applications for Android.
Authorized title: Learning pentesting for Android devices
ISBN: 1-78328-899-X
Format: Printed material
Bibliographic level: Monograph
Language of publication: English
Record No.: 9910822306003321
Available at: Univ. Federico II
Series: Community experience distilled.