Android Training

Introduction

In today’s increasingly digitized world, cybersecurity has become a top priority for organizations of all sizes and sectors. With the constant evolution of cyber threats, it is imperative for businesses to stay ahead of the curve and ensure the security of their sensitive information and assets. One of the most effective ways to achieve this is through cybersecurity training programs that educate employees on the best practices and strategies for identifying and mitigating potential cyber risks.

Arrownex Information Technology (hereafter referred to as “Arrownex” or “Vendor”) is a leading provider of cybersecurity services and training programs, specializing in equipping organizations with the knowledge and skills needed to defend against cyber threats. Through our comprehensive training programs, we aim to empower employees to identify potential security risks, respond to incidents promptly and effectively, and maintain a proactive approach to cybersecurity. Our experienced trainers bring a wealth of knowledge and expertise to the table, drawing on their industry experience and up-to- date knowledge of the latest threats and trends to provide relevant and actionable training content. We work closely with your organization to understand your unique security needs and develop a training program that addresses your specific pain points and vulnerabilities.

Arrownex would like to thank (hereafter referred to as “” or “Client”) for giving us the opportunity through this training outline document to present our offering for conducting training for the employees of . In this training outline document, we outline our approach to delivering high-quality cybersecurity training to your organization, including the scope of the engagement, assumptions and exclusions, estimated timelines, and associated commercials. Our goal is to work collaboratively with your team to develop a tailored training program that meets the unique needs of your organization and equips your employees with the knowledge and skills they need to keep your business safe and secure in today’s ever- changing digital landscape.

Training Syllabus

Learning Malware Analysis is a multi-disciplinary approach that involves understanding assembly language, operating systems, networking, file formats, and programming concepts, along with practical experience in using analysis tools and reverse engineering techniques to dissect and understand the behavior of malicious software.

3.1 Android Application Vulnerability Analysis & Exploitation
Course Description

The training will prepare you to evaluate effectively and assess the security weaknesses of built-in and third-party Android applications. You’ll learn to assess an application and understand all the risks so that you can characterize threats basing on industry standards such as OWASP MASVS.

Understanding and identifying vulnerabilities and threats to Android devices is a valuable skill as mobile device applications introduce new threats to organizations, including data leakage, and the disclosure of enterprise secrets, intellectual property, and personally identifiable information assets.

3.2 Android Application Vulnerability Analysis & Exploitation (Intermediate)

Training starts with the overview of Android internals, security architecture and application development ecosystem. We look into industry adopted reverse engineering techniques, including static and dynamic analysis. We use tools such as jadx, apktool, medusa, RMS, Frida etc. Finally, we make use of an a vulnerable Android application to write exploits and do penetration testing.

Module 1: Overview

1.1 Android Architecture

  • Android device architecture and framework
  • Analysis of implemented security controls
  • Application development and usage of application components

 

1.2 Android Application Interaction

Android application interaction through

  • Activities
  • Intents
  • Services
  • Broadcasts receivers
  • Protection of application components through permissions and signatures

 

1.3 Environment

Android mobile application analysis with Android Debug Bridge (ADB) tools Uploading, downloading, and installing applications with ADB

Module 2: Static Analysis

2.1 APK Structure

  • Dex file and SDKs
  • Assets and resources
  • Native library code
  • Android Manifest and META_INF

2.2 Analysis Techniques

  • Decompiling and disassembling applications
  • Android application manipulation with Apktool
  • Reading and modifying Dalvik byte code
  • Using jadx for reading decompiled Java code

2.2 Third-Party Application Frameworks

Identifying Flutter & React-Native applications

Module 3: Dynamic Analysis

3.1 Instrumentation & Analysis

  • Method hooking with Frida and Runtime Mobile Security (RMS)
  • Enumerating classes information
  • Gathering information from the loaded classes

3.2 Network analysis

SSL unpinning techniques and capturing network traffic

Module 4: Vulnerability Analysis & Penetration Testing

4.1 Testing the vulnerable application

  • Analyzing data storage
  • Analyzing network communication
  • WebView misconfigurations and vulnerabilities
  • Vulnerabilities in deep links

Sensitive Functionality Exposure Through IPC

  • Services
  • Intents
  • Content Providers

4.3 Exploiting live applications

Proof-of-concept demo

CTF

Participants will be provided with multiple Android apps containing vulnerabilities.

Participant should analyze the applications, find the vulnerability, write specific exploit, perform successful attack and grab the flag

Module 1: Overview

1.1 Android Architecture

  • Android device architecture and framework
  • Analysis of implemented security controls
  • Application development and usage of application components

1.2 Android Application Interaction

Android application interaction through

  • Activities
  • Intents
  • Services
  • Broadcasts receivers
  • Protection of application components through permissions and signatures

1.3 Environment

Android mobile application analysis with Android Debug Bridge (ADB) tools Uploading, downloading, and installing applications with ADB

Module 2: Static Analysis

2.1 APK Structure

  • Dex file and SDKs
  • Assets and resources
  • Native library code
  • Android Manifest and META_INF

2.2 Analysis Techniques

  • Decompiling and disassembling applications
  • Android application manipulation with Apktool
  • Reading and modifying Dalvik byte code
  • Using jadx for reading decompiled Java code

2.2 Third-Party Application

Frameworks

Identifying Flutter & React-Native applications

Module 3: Dynamic Analysis

3.1Instrumentation & Analysis

  • Method hooking with Frida and Runtime Mobile Security (RMS)
  • Enumerating classes information
  • Gathering information from the loaded classes

3.2Network analysis

SSL unpinning techniques and capturing network traffic

Module 4: Vulnerability Analysis & Penetration Testing

4.1Testing the vulnerable application

  • Analyzing data storage
  • Analyzing network communication
  • WebView misconfigurations and vulnerabilities
  • Vulnerabilities in deep links

Sensitive Functionality Exposure Through IPC

  • Services
  • Intents
  • Content Providers

4.3 Exploiting live applications

CTF

Participants will be provided with multiple Android apps containing vulnerabilities.

Participant should analyze the applications, find the vulnerability, write specific exploit, perform successful attack and grab the flag