-
owasp-mastg
The Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes the technical processes for verifying the controls listed in the OWASP Mobile Application Security Verification Standard (MASVS).
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
Leesons-Modding-Instructions
The recordings of my 2 and 1/2 week journey to get a setup running for dynamic testing of Android malware
Here's the Open Web Application Security Project's Mobile Security Testing Guide. Detailed guides for multiple aspects of mobile security testing for both Android & iOS https://github.com/OWASP/owasp-mstg
If interested in reversing, you’ll need tools such as (https://ibotpeaches.github.io/Apktool/ ) and dex2jar (https://github.com/pxb1988/dex2jar) and jd-GUI (http://java-decompiler.github.io/) and I also highly recommend using smali (https://github.com/JesusFreke/smali) rather than trying to analyze the machine code if jd-GUI fails to recompile something back to the pseudo-Java. There’s actually a very good LinkedIn learning video on how to use all these tools together called Learning Android Malware Analysis, just get the trial or w/e and do the course then cancel.
For dynamic testing, I recommend building your own OS so you can write out logs, here’s a guide https://github.com/n0x-L/Leesons-Modding-Instructions Good luck
Related posts
-
Google Play rolls out an "Independent security review" badge for apps
-
Need Help on Patching
-
The Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes the technical processes for verifying the controls listed in the OWASP Mobile Application Security Verification Standard (MASVS).
-
Mobile game security - how to?
-
Are android bugs mostly api and web ?