This comprehensive security workshop offers an easy-intermediate, immersive learning experience designed for cybersecurity professionals and developers seeking to master Android application security. The workshop takes the participants through hands-on based vulnerability analysis and exploit development techniques, which gives a head start in Android application security.
Participants will gain a holistic understanding of Android app security, encompassing both
defensive strategies and offensive security techniques. The program is meticulously crafted to equip attendees with the expertise to:
1. Identify and analyze complex security vulnerabilities in the Android application
ecosystem
2. Gain experience in handling various tools to do static and dynamic analysis
3. Find bugs in real-world Android applications
Objectives of workshop:
1. Introduction to Android Architecture and application development ecosystem.
2. Get familiar with popular Android reversing tools.
3. Identify and exploit vulnerabilities in the Android environment using various tools
Syllabus:
Module 1: Android Ecosystem (Foundational Understanding) (30 mins)
1.1. Android Architecture
1.2. Unpack the Android component ecosystem
Module 2: Static Analysis (20 mins) (Hands-on)
2.1. Reverse Engineering tools and Usecases
Module 3: Android Application Vulnerability Analysis (70 mins) (Hands-on)
3.1. Identifying Android Vulnerabilities through Static Analysis
3.2. Exploiting Android Vulnerabilities at Runtime
Akileshkumar, also known as cyb3r-w0lf, blends 3 years of hands-on industrial experience with 5 years of part-time engagement on a diverse range of security assessments. He is an expert in Web, Android, API, and Thick/Thin Client Pentesting. Akilesh is a passionate player in various Capture the Flag (CTF) competitions and wields a deep understanding of penetration testing strategies. He is a Hall-of-Fame member on eBay and has received bounties from Zerocopter.