c0c0n 2012

Training

Deep Dive Android

OBJECTIVE

Android Needs no introduction, Its one of the fastest growing Smartphone / Tablet OS. Future plans ot just includes telecommunication equipment but also entertainment equipments like TV, Music Players and other house hold items. When the World is moving towards Android subsequently there is a rise in threat’s and potential risk’s in the same. This Workshop is geared towards Security professionals Who want to remain on the edge of the fast paced technology and possess in-depth understanding of Android. This workshop will not only focus on Application Pen Testing but will also be looking at the overall OS as a platform and potential pitfalls around it. In order to understand these concept in more details we will be working on creating a simple malware and dissecting existing malware samples to understand.

COURSE CONTENT
  • Android Architecture
  • Operating System Overview
  • File system Overview
  • Security Model
  • Developer Overview
  • Application Components
  • Application Structure
  • The SDK and Android Tools
  • Developing a basic application
  • Intro to PenTesting
  • Setting up the environment
  • Black Box PT
  • Reverse Engineering
  • Rooting basics
  • Malware Analysis and Design
  • Exploits survey
  • Common malware samples
  • Detection, prevention and cure
SPEAKER DETAILS
ANKUR BHARGAVA

Ankur works for India Software Labs, IBM India and is a CEH. He has been speaker at various conferences like nullcon, C0C0N for different years where he has presented on topics like PDF exploits , Android Security. Ankur is a active member on OWASP Bangalore Chapter. Ankur’s main expertise in on application security both on the Web and Mobile.

ANANT SHRIVASTAVA

Anant Works for Infosys Pvt Ltd. He holds a GWAPT, CEH and RHCE. He has been speaker at various conferences like Nullcon, c0c0n, Clubhack, his talks are focused on android. He is the creator of Android Tamer – VM for android security professionals. Active member of Null, Garage4Hackers. His expertise remains in Linux, Web Applications (Dev and security testing) and Mobile devices (OS and Application) Security.

DURATION

1 day (8 hrs)

PARTICIPANTS REQUIREMENTS

Bring in your own Laptop and if an android device is available. (otherwise simulator will also work)

PRE-REQUISITE

Anyone Interested to Learn and Deep dive in Android.

WHO SHOULD ATTEND?

Mobile Security Enthusiast, Web Application Penetration Tester, Android Enthusiast, IT professionals, developers, testing, quality professionals and anyone who wants to get there hands dirty in Android.

Ref: https://is-ra.org/c0c0n/2012/workshop-Deep_Dive_Android.html

Talk

The talk was an adhoc talk on how to use android devices for basic pentesting operations