Abstract

Introduction to Android
• Android Architecture
• Android Security Architecture
• Android Permission model
• Application Sandboxing
• Setting up Android Emulator
• Setting up a Mobile Pentest Environment
• Bypassing Android Permissions
· Application Analysis

· Reverse Engineering

· Introduction to Drozer

· Using Drozer to find and exploit vulnerabilities

· Traffic Interception (Active and Passive) of Android Applications

· OWASP Top 10 for Android

Speaker

Abhinav Sejpal

Fell in love with the power of software at age 17, and he is still in love. He is a security researcher, and SecDevOps ninja working at Accenture UK. Abhinav frequently speaks and runs technical sessions at security events and conferences around the world (OWASP AppSec USA, DevSecCon, OWASP Summit, Null and OWASP Meetup). He has reported security vulnerabilities to 200+ Unique product giants all over the world including Apple, Adobe, Twitter, Linkedin, Yahoo, Superdry, Pinterest, VK etc. He enjoys finding and exploiting software vulnerabilities via reverse engineering, source code auditing, fuzzing. He researches primarily focused DevSecOps, Android, iOS Mobile App and open source project like ASVS, OWASP Mobile Top 10, Mobile Security Framework etc. Abhinav has trained over 50+ researchers and developers in information security for companies and organisations across the world.

Timing

Starts at Saturday April 25 2015, 09:00 AM. The sessions runs for about 8 hours.

Resources