Certified Android Penetration Tester (CAPT) Indian Cyber Security Solutions - ICSS
Price: AED 698
  • Duration: 3 Months

Course details

Certified Android penetration testing Training will help the students and application developers to discover new techniques for android based application hacking. Android is a Linux based kernel mobile platform which had gained its popularity in mobile based smart phone devices. Due to the rise in competition organizations have adopted the new technology of android based application in order to remain in touch with their customers every time. Starting from banking industry to hospital industry every organization has shifted their focus in developing android applications to be in touch with their clients.

Just like the web based application requires periodical penetration testing android applications also requires the same as they are exposed to the same risks. Android penetration testing is the integral part of SDLC. Our Certified Android Penetration Testing Training focuses on how students and android developers can test their application before they launch it into the market. Android platform need to be secure in two levels i.e application level & device level. We will use virtual machine for testing android application with the use of different tools like Burp suite, Mallory, APK tool, Manifest explorer, Android SDK etc.

Course Content:

Lesson 1: Introduction To Android Security

Android is a Linux kernel mobile platform. Android runs on a wide range of devices, from mobile smartphones and tablets, to set-top boxes. The Android mobile operating system is dependent upon the mobile device's processer capabilities for its performance.

Lesson 2: Creating a Suitable Penetration Testing Environment

  • Introduction To Custom ROMs And Kernels 
  • Introduction to Bootloaders and Recoveries 
  • CWM and TWRP 
  • Flashing custom Recoveries 
  • Flashing custom ROMs and Kernels 
  • Introduction to CyanogenMod, AOSP, AOKP and other Android projects 

Lesson 3: Application dynamic run-time analysis

  • Monitoring process activity 
  • Observing file access 
  • Monitoring network connectivity 
  • Analyzing logs 
  • Run time instrumentation and manipulation 
  • Memory modification for running applications 

Lesson 4: Traffic analysis and manipulation

  • Common Vulnerabilities Related to Traffic 
  • Proxies and sniffers 
  • Sensitive information transmission 
  • Importing SSL certificates & trusted CA's 
  • Bypassing server certificate validations 
  • Exposing insecure traffic 
  • Validating server certificates and avoiding man-in-the-middle 
  • Client side certificate authentication 

Lesson 5: Pentesting Server-side Communication

  • Common app-to-server vulnerabilities 
  • Proxies vs Transparent Proxies 
  • Installing Trusted CA on an Android device 
  • Performing fuzzing on the Application Server 
  • Testing for conventional vulnerabilities server-side (Eg. SQLi, XSS, CSRF, Cookie Hijacking etc) 

Lesson 6: Android Malware

  • Students will be provided an Android malware sample to test and decompile and analyze 
  • Android malware apk testing to decrypt communication 
  • Providing Source-code of a second Android malware for manual modification and compiling 
  • Identifying connection strings and API calls 

Lesson 7: Penetration Testing with Android

  • Setting up various tools and security suites to facilitate penetration testing with an Android device 
  • Packet sniffing and DOS attacks on Android 
  • ARP Spoofing on Android devices 

Lesson 8: Vulnerability scanners

Lesson 9: Maintaining anonymity on an Android device

Lesson 10: Network Pentesting using Android devices

Lesson 11: Web Application attack techniques on Android

Lesson 12: Running Kali tools within Android devices

Updated on 30 October, 2018

Eligibility / Requirements

Students and working professionals who have strong command on Java programming language and android development can go for this course. It is highly recommended course for android developers who can really develop a bug free applications for their organization.

About Indian Cyber Security Solutions - ICSS

Cyber Security scenario had changed dramatically in India in the recent past where ICSS as an organization caters to the need of technology based risk management & cyber security solution in India. By this time it has gathered a good deal of momentum and has reached a distinguished position out of the leading firms in this domain in the country. We provide all sorts of solutions to our clients & protect them from the manifold of cyber attacks they are exposed to in their day-to-day activities. We assure them all round shield against data theft, security breaches, hacking, network vulnerability, virus attacks, system compromise, frauds etc. through our expertise solution package of cyber security audit & assurance, I.T. service management, information security and business technology advisory. We have designed & devised a plethora of cyber security solution services taking into account the needs of the hour in the present context. We build up B 2 C relationships not only in producing solution package but also by creating a long standing support system through our talented and dynamic professionals who are committed to the cause. We assure all round cyber security solution to our clients in risk management and ensure their protection vis-a-vis optimal sustainable performance. We are working for the last decade with professionally certified ethical hackers & ISO 27001 Auditors
See all Indian Cyber Security Solutions - ICSS courses
Courses you can instantly connect with... Do an online course on Certified Ethical Hacker (CEH) starting now. See all courses

Is this the right course for you?

Didn't find what you were looking for ?

or