No video
Android Application Pentesting - Mystikcon 2020
Рет қаралды 68,072
Күн бұрынI had the opportunity to present at Mystikcon in December 2020 on Android Application Pentesting. In this talk I cover all the basic components of Android app and then talked about Static and Dynamic Analysis (with demos). I hope you find this video useful and please feel free to comment if you have any questions related to Android App Pentesting.
My Twitter: / _r00t_
Disclaimer: This presentation is meant to help those interested in Ethical Hacking practices, to audit their own applications and develop security skills. Please do not use anything learned from this videos for malicious activity. Hacking is a crime and illegal and this presentation does not condone or approve hacking in any way. I take no responsibility for how you choose to use the information presented here.
@WiseFoxSecurity 3 жыл бұрын
Please let me know if you are interested in Android App Pentesting series in the comment section below. Please like the video and subscribe to my channel if you are interested in Android App Pentesting series. Please share this video with others if you found this talk useful. Thanks
@prathmeshgidde5095 3 жыл бұрын
Why your not uploading videos
@alexosunga5527 3 жыл бұрын
I'm a junior pentester and I'm interested in the android app pentest.
@itsme7570 2 жыл бұрын
Keep them coming brother!!!
@itsme7570 Жыл бұрын
Links provided to GitHub repos where they at?
@0x_hacks 5 ай бұрын
Yes please make more details video related to andriod apps vulnerabilities and submitted these reports
@domaincontroller 2 жыл бұрын
04:00 APK 05:38 manifest 06:37 classes.dex 07:12 res 07:43 META-INF 09:19 demo, unzip 10:55 apk decompilation, jadx, static analysis, mobsf 14:05 apktool 17:22 MOBSF, docker container, drag n drop, false positive 21:20 hardcoded credentials 23:26 classes.dex, jd-gui, jar file 26:12 Activities 28:17 implicit intent 30:05 broadcast receivers 31:35 services 32:10 content provider 33:41 dynamic analysis 34:56 frida, drozer, RMS, objection 35:55 frida, ssl pinning, aws keys on the fly, genymotion 38:38 frida set up 40:00 dynamic analysis 43:10 all running processes, packages
@Sauljericho 2 жыл бұрын
Underrated comment
@pratapkhandulwan9319 3 жыл бұрын
Such a great quality of content provided in this session. Thank you for uploading it, and hoping for upcoming videos on mobile penetraion testing with more deeper approaches and concepts.👍
@tksec9416 3 жыл бұрын
Thanks a lot for this amazing talk! You’re great at breaking down key concepts in a beginner friendly way.
@scarytruths01 Жыл бұрын
This is excellent... im in the middle of a bug bounty that requires some android pentesting knowledge. The video really helped.
@zmoraubecka9906 3 жыл бұрын
Amazing video! I have been performing web/infra pentesting for a while and just started my journey with the mobile testing. This video sorted out the methodology I should start with in a great way. Thanks bro and keep creating such videos!
@WiseFoxSecurity Жыл бұрын
You're most welcome 🤗
@krishnasoni4427 3 жыл бұрын
Sir it's really helpful plzz posts more video's ❤️ .i am from India
@petitloukoum0 Жыл бұрын
this is really the video I was looking for, thank you very much. I saw that you were not very active anymore but thanks for teaching me all this.
@anthonytuff8783 3 жыл бұрын
The video was of good quality..I'm testing an android app, at least now I know where to get started. Upload more videos for Static analysis. This one was helpful
@tazimulsohag2200 3 жыл бұрын
yes we are highly interested to learn new things from you
@learningtime9861 8 күн бұрын
Thanks buddy for setting up so nicely.
@zeorjvistr6245 2 жыл бұрын
best video for me, When can we expect the series for it + You are a great teacher 👍
@Marco1_1 Жыл бұрын
i don't now how to say thank you man pls we need more videos in Statics Analysis
@wardellcastles 8 ай бұрын
MOBSF Rules! Love that now there's a Docker image.
@Reacher6207 8 ай бұрын
It's ok but it produces lots of False positives.
@AshleyEhSMR Жыл бұрын
I had adb on my android device, and it went completely over my head to use it on the linux. I was trying to tunnel my tcp traffic, which is a not nearly as fluid as that. 😅 I feel so silly - thank you for the reminder & useful information 🙌✨
@WiseFoxSecurity Жыл бұрын
Haha yes the ADB way is easier. I have tried TCP tunneling in the past but never got used to it for some reasons haha
@AshleyEhSMR Жыл бұрын
@@WiseFoxSecurity ADB doesn’t require you to make so many configurations and changes to your network to get the outcome of which you’re looking compared to TCP tunneling. I’m sure there’s benefits to it that I’m too ignorant to understand, at this point, that I’m missing out on, but ADB is a brilliant option. Not sure if you’ve used it, and would be curious on your opinion of NordVPN Meshnet?
@funkymonk2254 3 жыл бұрын
Thank You so much!! I appreciate such an easy to understand and informative introduction to app pentesting.
@dayumnson9769 3 жыл бұрын
wow this was a great talk, thanks a lot!
@WiseFoxSecurity 3 жыл бұрын
Thanks a lot for the feedback. Glad you found the video useful ☺️
@akhlaquecybersecurity Жыл бұрын
Awesome road maps for implementation
@nikoshalk 3 жыл бұрын
very nice introductory video!
@python1tz229 2 жыл бұрын
thank you so much, this video has opened my way to android pentesting
@WiseFoxSecurity 2 жыл бұрын
Wow this comment made my day. I am so glad that you found this video useful. I'll upload more videos soon. Happy holidays everyone!!
@python1tz229 2 жыл бұрын
@@WiseFoxSecurity Real useful, android pentesting was always mysterious to me, after this, then my plan for 2022 is to go for android pen testing, I have already subscribed to your channel and whoever asks me about android hacking I will recommend your channel, keep up great video. thank you for your free knowledge, waiting for more
@Hybrid_Netowrks 2 жыл бұрын
Awesome and Thank you so much from Pakistan. Amazing quality content
@hggghg98 2 жыл бұрын
The best video in my week Thanks alot 😘
@rajanagori513 3 жыл бұрын
Thank you so much for this tutorial, kudos to you. Keep sharing content like this. Stay safe👍
@Reacher6207 3 жыл бұрын
Thanks a lot for the feedback. Yes that's the plan ☺️
@rajanagori513 3 жыл бұрын
@@Reacher6207 please provide more content on the same, that's really helpful for me atleast
@hashmattabibi6370 3 жыл бұрын
Wow, Thanks a lot.
@emmanuelsadiq2165 2 жыл бұрын
Thanks for this tutorial
@Lfomod1Dubstep 3 жыл бұрын
Very well done! Thank you for sharing :)
@foxgameplay5449 2 жыл бұрын
in some apps ssl bypassed failed to get request so what we can do more ?
@AkashJhaDDN 3 жыл бұрын
Thankyou sir
@zafirjeeawody8628 2 жыл бұрын
what check should we implement to prevent the password hack ?
@viveknair4709 3 жыл бұрын
Sir, do you have any lectures privilege escalation vulnerabilities or can you please mention any relevant sources for those that can research into
@akhlaquecybersecurity Жыл бұрын
Please go ahead
@thecapletsecurity7316 Жыл бұрын
Can you please tell me how can i download any application apk if want to perform the pentesting on that apk.
@testtesting1030 2 жыл бұрын
Where are the APK you mentioned to download for practice?
@Basudarammm Жыл бұрын
Nice job
@viveknair4709 3 жыл бұрын
Is there videos based on android application's vulnerabitily analysis using common tools..
@paularvie9473 2 жыл бұрын
does this work on app built with reactNative?
@paularvie9473 2 жыл бұрын
or only java?
@jiayaoou8254 3 жыл бұрын
how to use bria from burpsuite
@mayankgiri7853 2 жыл бұрын
Sir please make full video in PIVAA practical..
@abbasa68a39 Жыл бұрын
hi thanks for your best tutorial just teach more on real application like application that have dexguard and we can't read they code
@Exendes 2 жыл бұрын
Possible to change the code and recompile the apk? I want to bypass an sms verification
@BugHunter-im3iu 6 ай бұрын
Make so many videos for this 👩💻
@ratnalaabhinav6182 2 жыл бұрын
plz make a video on mob sf installation on kali Linux and windows
@RealOrji 12 күн бұрын
Interested.
@moss460 2 жыл бұрын
can you pls tell me where I can find all links of your "some useful links" slide?
@wolfrevokcats7890 2 жыл бұрын
54:00 he did mention it on the video
@lookback6314 2 жыл бұрын
thanks!
@silverman2263 3 жыл бұрын
Plz make more videos for android app model
@hackingtips1072 3 жыл бұрын
what is the IOS simulator for windows? like genymotion
@MoreYaseen 2 жыл бұрын
not possible... only for mac
@silverman2263 3 жыл бұрын
Super video sir
@wolfrevokcats7890 2 жыл бұрын
54:58 Approach Install app in emulator such as Static analysis, hardcoded key/secrets using tools such as mobsf Dynamic analysis, Use Frida
@yoshi5113 3 жыл бұрын
can you share all links in the useful link section?
@wolfrevokcats7890 2 жыл бұрын
54:00 he did mention it on the video
@raghul1208 3 жыл бұрын
nice!!
@hectorm9764 2 жыл бұрын
Buenas, alguien me puede recomendar por favor un buen curso o certificación de mobile hacking para aplicaciones ios y android?, gracias!!!
@kumarniloy1798 3 жыл бұрын
Best books for android penetration without android hackers handbook and mobile application hacker's handbook both are outdated
@ca7986 3 жыл бұрын
👌
@achrafelhardi8055 3 жыл бұрын
Somone hack cambly for me? ❤️❤️
BSides Prishtina
Рет қаралды 190 М.
Sabyasachi Paul - h0tPlug1n
Рет қаралды 41 М.