Course Introduction
Introduction
Setting up Android Pentesting Lab
Android Application Penetration Testing - Basics
-
Introduction (0:50)
-
Introduction to Android App Pentesting (2:49)
-
Reversing Android Apps with APKTOOL (9:12)
-
Reversing Android Apps with dex2jar and JD-GUI (4:12)
-
Intercepting HTTP Traffic (11:16)
-
Intercepting HTTPS Traffic (17:29)
-
Insecure Data Storage vulnerabilities (7:36)
-
Server Side Vulnerabilities (7:18)
-
Introduction to client side vulnerabilities (1:24)
-
Weak Crypto and Authorization Vulnerabilties (7:00)
-
Exported Application Components (14:27)
-
Insecure Logging (2:04)
-
Client Side Injection (4:09)
-
Clipboard - Copy Paste issues (1:35)
Android Application Penetration Testing - Advanced
-
Introduction (0:44)
-
Introduction to client side protections in Android Apps (2:55)
-
Introduction to Frida (1:46)
-
Root Detection Bypass using Objection (17:57)
-
Insecure Local Data Storage - Revisited (5:07)
-
Client side SQL Injection - Revisited (1:32)
-
Traffic Analysis - Revisited (6:22)
-
Introduction to Frida CLI (2:58)
-
How Frida Scripts work? (2:40)
-
Creating a JavaScript template for writing Frida Scripts (9:26)
-
Enumerating loaded classes using Frida (7:13)
-
Getting class properties using Frida (7:03)
-
Bypassing Root Detection using Frida (5:42)
-
Dumping string arguments using Frida (8:13)
-
Tracing WebView calls using Frida (2:49)
-
Introduction to end to end encryption (8:30)
-
Dumping encryption keys using Frida (11:05)
-
SQL Injection with encrypted Payloads (8:07)
-
Introduction to SSL Pinning (5:45)
-
Bypassing SSL Pinning using Frida (12:30)
-
Fixing errors in SSL Pinning Bypass script (0:49)
-
Reversing and Patching Android Apps to bypass SSL Pinning (7:53)
Conclusion
