Learning Pentesting for Android Devices
暫譯: 學習 Android 裝置的滲透測試
Aditya Gupta
- 出版商: Packt Publishing
- 出版日期: 2014-03-17
- 售價: $1,460
- 貴賓價: 9.5 折 $1,387
- 語言: 英文
- 頁數: 154
- 裝訂: Paperback
- ISBN: 1783288981
- ISBN-13: 9781783288984
-
相關分類:
Android
海外代購書籍(需單獨結帳)
買這商品的人也買了...
-
XDA Developers' Android Hacker's Toolkit: The Complete Guide to Rooting, ROMs and Theming (Paperback)$1,225$1,164 -
$1,568Android Hacker's Handbook (Paperback) -
$199Android 超級用戶工具箱 (XDA Developers' Android Hacker's Toolkit: The Complete Guide to Rooting, ROMs and Theming, 2/e) -
Visual C# 與 Xamarin 跨平台行動 App 開發實戰 ─ iOS/Android/Windows 一次搞定$500$395 -
Android Security Internals: An In-Depth Guide to Android's Security Architecture (Paperback)$1,650$1,568 -
Xamarin iOS 移動開發實戰$599$569 -
$454Android 安全架構深究 (Android Security Internals: An In-Depth Guide to Android's Security Architecture) -
Hacking Android$2,000$1,900
相關主題
商品描述
Android is the most popular mobile smartphone operating system at present, with over a million applications. Every day hundreds of applications are published to the PlayStore, which users from all over the world download and use. Often, these applications have serious security weaknesses in them, which could lead an attacker to exploit the application and get access to sensitive information. This is where penetration testing comes into play to check for various vulnerabilities.
Learning Pentesting for Android is a practical and hands-on guide to take you from the very basic level of Android Security gradually to pentesting and auditing Android. It is a step-by-step guide, covering a variety of techniques and methodologies that you can learn and use in order to perform real life penetration testing on Android devices and applications. The book starts with the basics of Android Security and the permission model, which we will bypass using a custom application, written by us. Thereafter we will move to the internals of Android applications from a security point of view, and will reverse and audit them to find the security weaknesses using manual analysis as well as using automated tools.
We will then move to a dynamic analysis of Android applications, where we will learn how to capture and analyze network traffic on Android devices and extract sensitive information and files from a packet capture from an Android device. We will look into SQLite databases, and learn to find and exploit the injection vulnerabilities. Also, we will look into root exploits, and how to exploit devices to get full access along with a reverse connect shell. Finally, we will learn how to write a penetration testing report for an Android application auditing project.
Learning Pentesting for Android is a practical and hands-on guide to take you from the very basic level of Android Security gradually to pentesting and auditing Android. It is a step-by-step guide, covering a variety of techniques and methodologies that you can learn and use in order to perform real life penetration testing on Android devices and applications. The book starts with the basics of Android Security and the permission model, which we will bypass using a custom application, written by us. Thereafter we will move to the internals of Android applications from a security point of view, and will reverse and audit them to find the security weaknesses using manual analysis as well as using automated tools.
We will then move to a dynamic analysis of Android applications, where we will learn how to capture and analyze network traffic on Android devices and extract sensitive information and files from a packet capture from an Android device. We will look into SQLite databases, and learn to find and exploit the injection vulnerabilities. Also, we will look into root exploits, and how to exploit devices to get full access along with a reverse connect shell. Finally, we will learn how to write a penetration testing report for an Android application auditing project.
商品描述(中文翻譯)
Android 目前是最受歡迎的行動智慧型手機作業系統,擁有超過一百萬個應用程式。每天都有數百個應用程式在 PlayStore 上發布,全球的使用者下載並使用這些應用程式。然而,這些應用程式中常常存在嚴重的安全漏洞,可能使攻擊者利用這些應用程式來獲取敏感資訊。這就是滲透測試(penetration testing)發揮作用的地方,用來檢查各種漏洞。
《Learning Pentesting for Android》是一本實用且動手操作的指南,將帶領您從 Android 安全的基本知識逐步進入滲透測試和審計 Android 的領域。這本書是一步一步的指南,涵蓋了各種技術和方法論,您可以學習並使用這些技術來對 Android 設備和應用程式進行實際的滲透測試。書中首先介紹 Android 安全的基本概念和權限模型,接著我們將使用自己編寫的自訂應用程式來繞過這些權限。之後,我們將從安全的角度深入了解 Android 應用程式的內部結構,並通過手動分析和自動化工具進行逆向工程和審計,以找出安全漏洞。
接下來,我們將進行 Android 應用程式的動態分析,學習如何在 Android 設備上捕獲和分析網路流量,並從 Android 設備的封包捕獲中提取敏感資訊和檔案。我們將研究 SQLite 資料庫,學習如何找到並利用注入漏洞。此外,我們還將探討 root 漏洞,以及如何利用這些漏洞來獲得完全訪問權限,並建立反向連接的 shell。最後,我們將學習如何為 Android 應用程式審計專案撰寫滲透測試報告。
