Assalam-u-alikum , what's up all ?
Today I am coming with an Android Security
coding books. Ha ha ha, you know this book name? Yes, it's name "Android
Security cookbook''. This book is dived by nine chapters with 350 pages.
Let's see the content of the book.
Chapter
1: Android Development Tools
Introduction
, Installing the Android Development
Tools (ADT), Installing the Java
Development Kit (JDK) , Updating the API sources , Alternative installation of
the ADT , Installing the Native Development Kit (NDK) , Emulating Android , Creating
Android Virtual Devices (AVDs) ,Using the Android Debug Bridge (ADB) to
interact with the AVDs , Copying files off/onto an AVD , Installing
applications onto the AVDs via ADB .
Chapter
2: Engaging with Application Security
Introduction
, Inspecting application certificates and signatures , Signing Android
applications , Verifying application signatures , Inspecting the
AndroidManifest.xml file, Interacting with the activity manager via ADB, Extracting
application resources via ADB .
Introduction,
Installing and setting up Santoku, Setting up drozer , Running a drozer session , Enumerating installed packages , Enumerating
activities, Table of Contents, Enumerating
content providers , Enumerating services , Enumerating broadcast receivers , Determining
application attack surfaces , Launching activities , Writing a drozer module –
a device enumeration module , Writing an application certificate enumerator.
Chapter
4: Exploiting Applications
Introduction,
Information disclosure via logcat, Inspecting network traffic , Passive intent
sniffing via the activity manager, Attacking
services , Attacking broadcast receivers , Enumerating vulnerable content
providers , Extracting data from vulnerable content providers , Inserting data
into content providers, Enumerating SQL-injection
vulnerable content providers , Exploiting debuggable applications, Man-in-the-middle attacks on applications .
Chapter
5: Protecting Applications
Introduction,
Securing application components , Protecting components with custom permissions,
Protecting content provider paths
Defending
against the SQL-injection attack , Application signature verification
(anti-tamper)
Tamper
protection by detecting the installer, emulator, and debug flag, Removing all
log messages with ProGuard, Advanced code obfuscation with DexGuard
Chapter
6: Reverse Engineering Applications
Introduction
Compiling from Java to DEX, Decompiling DEX files, Interpreting the Dalvik
bytecode, Decompiling DEX to Java, Decompiling the application's native
libraries, Debugging the Android processes using the GDB server.
Chapter
7: Secure Networking
Introduction
, Validating self-signed SSL certificates, Using StrongTrustManager from the
OnionKit library, SSL pinning.
Chapter
8: Native Exploitation and Analysis
Introduction
, Inspecting file permissions , Cross-compiling native executables, Exploitation
of race condition vulnerabilities, Stack memory corruption exploitation, Automated
native Android fuzzing.
Chapter
9: Encryption and Developing Device
Introduction , Using cryptography libraries, Generating
a symmetric encryption key, Securing SharedPreferences data, Password-based
encryption, Encrypting a database with SQLCipher, Android KeyStore providerSetting
up device administration policies, Index.
Let's time to download the book……….
To download the book,click on the download button.
No comments:
Post a Comment