Mobile Penetration Testing of Android Applications

Computer security is no more about PCs. Is your TV, fridge and mobile phone. Learn to audit mobile apps!
Mobile Penetration Testing of Android Applications
File Size :
2.97 GB
Total length :
6h 1m



Gabriel Avramescu


Last update




Mobile Penetration Testing of Android Applications

What you’ll learn

Learn to audit or perform penetration tests agains Android applications
Learn tools and techniques
Perform real world attacks on Android Devices and Apps
Perform Certification Pinning bypass for most of Android Apps
Explore OWASP Top Ten Mobile and Web most common vulnerabilities
Android Malware Analysis

Mobile Penetration Testing of Android Applications


basic computer skills and Linux OS
web technologies knowledge
knowledge of most common web vulnerabilities


You already know some computer and network ethical hacking? What about moving forward and applying it to mobile apps as well? This course is for the beginners and may be useful for some advanced users as well.Android Hacking and Penetration Testing course is a hands-on video course. The course will focus on the tools and techniques for testing the Security of Android Mobile applications. Android, the Google operating system that’s on 80% of the world’s smartphones. In extreme cases, hackers with malicious intent can do much more than send premium text messages. In this video you will learn how to hack Android applications. In this course you will apply web hacking techniques you already know on Android environment. Furthermore, we are going to explore OWASP Top Ten Mobile and Web most common vulnerabilities. This is an intermediate level course.


Section 1: Introduction – the basics

Lecture 1 About the Author

Lecture 2 What to expect from this course

Lecture 3 Join Our Online Classroom!

Section 2: Android Development Tools

Lecture 4 Android Studio

Lecture 5 AVD Manager is missing? ADB Connection and Monitor in Android Studio 3.5/newer

Lecture 6 Android Debug Bridge (ADB)

Section 3: Environment Setup

Lecture 7 Android emulator or Android Device?

Lecture 8 Android rooting

Lecture 9 Setting up a Proxy for Android

Lecture 10 Installing CA Certificate

Lecture 11 Virtual Machine Download

Lecture 12 Android Vulnerable Application Setup

Section 4: Android Application Review. Reverse Engineering and App Analysis

Lecture 13 APK file Structure. AndroidManifest XML file

Lecture 14 Reversing to get Source code of the Application – decompiling with dex2jar

Lecture 15 Reversing and Re-compiling With APKTool

Lecture 16 APK Teardown in a Nutshell using Dexplorer on your Android Device

Lecture 17 Static vs Dynamic Analysis

Lecture 18 Static Analysis of Android Application using QARK

Lecture 19 Dynamic Analysis of Android Application using Inspeckage and Xposed

Lecture 20 MobSF – Mobile-Security-Framework. Malware analysis

Lecture 21 Automated Security Assessments with Drozer

Lecture 22 Intercept traffic using Wireshark and tcpdump

Lecture 23 Intent Sniffing

Lecture 24 Fuzzing using Burp – Password Brute-Force. Username enumeration

Section 5: Bypass Certificate Pinning

Lecture 25 General Description

Lecture 26 Automatic bypass of certificate pinning

Lecture 27 Manual bypass of certificate pinning

Section 6: Next Steps and Conclusions

Lecture 28 Bonus – Take control over an Android phone using metasploit

Lecture 29 Penetration Testing Cheat Sheet

Lecture 30 OWASP Top 10 Mobile Vulnerabilities and Attacks

Lecture 31 Further research – Automatic and Manual Scanning for Vulnerabilities

Lecture 32 For Developers – Android Security Guidlines

Lecture 33 Bonus – Easily download any APK file from Google Play directly on your PC

Lecture 34 Final Words

Section 7: (Bonus) Web Penetration Testing

Lecture 35 Further information

Lecture 36 Core Problems – Why Web Security

Lecture 37 Spider and Analyze a Website using Burp

Lecture 38 Brute-frocing Web Resources using Dirb and Dirbuster

Lecture 39 SQL injection

Lecture 40 Exploiting SQLi using Sqlmap and Getting Remote Shell

Lecture 41 Upload and Remote File Execution

Section 8: (Bonus) Learn Burp for advanced mobile and web pentesting

Lecture 42 Alternative setup – Download Burp. Free vs Paid

Lecture 43 Proxy – General Concept

Lecture 44 Target Module

Lecture 45 Proxy Module – part 1

Lecture 46 Proxy Module – part 2

penetration testers, security professionals and amateurs,web and mobile application developers,security enthusiasts

Course Information:

Udemy | English | 6h 1m | 2.97 GB
Created by: Gabriel Avramescu

You Can See More Courses in the IT & Software >> Greetings from

New Courses

Scroll to Top