Android Application Hacking Resources
These are links that I found interesting as I was (and still am) learning about Android application security and I’m putting it here in case it can help someone else!
Last update: 2020-02-12
Aggregators, news feeds, twitter threads, etc.
Come back to those every now and then to see if they have new content!
- “android” HackerOne Hacktivity
- Twitter thread with tons of great links
- Android-Reports-and-Resources GitHub repository
- awesome-mobile-security GitHub repository
- #AndroidHackingMonth (HackerOne’s Android Hacking Month in February 2020)
Talks
- Maddie Stone - Securing the System: A Deep Dive into Reversing Android Pre-Installed Apps
- Baptiste Robert aka fs0c131ty - L’histoire de la découverte d’une backdoor signée OnePlus (It’s in French)
- Ben Actis - Advanced Android Bug Bounty skills
- Yekaterina Tsipenyul O’Neil & Erika Chin - Seven Ways to Hang Yourself with Google Android (From 2011 but still interesting to this day)
- Dawn Isabel - Fun with Frida on Mobile (It’s for iOS but the same ideas can be used on Android)
- Sebastian Porst & Google Play - Overview of common Android app vulnerabilities
Write-ups and blog articles
- Bug Bounty Hunting Tips #2 —Target their mobile apps (Android Edition)
- Quarkslab’s “diffing” blog posts (They have an unreleased android diffing engine, we can’t use it but the next best thing is reading about it!)
- Configuring Burp Suite With Android Nougat