This in-depth and immersive three-day program offers participants an opportunity to enhance their understanding of Android Internals, Reverse Engineering, and Android Application Exploitation. It provides a broad understanding of Android system architecture, covering topics such as Android Drivers, Modules, Linux Kernel, and the Android Binder. Participants will gain hands-on experience in reverse engineering and exploit development basics for the ARM platform, and take a deep dive into memory management and related vulnerabilities.
The course also covers Android's boot, recovery, and rooting processes and its permissions, along with security features like DAC, CAP, SECCOMP, and SELinux. For a practical learning experience, it shows how to extract and decrypt boot images for Android devices, and includes hands-on exercises for symbolicating the Android kernel and porting exploits to other Android devices. Advanced Frida techniques such as custom tracing, profiling, and memory inspection are explored with real-world applications. Case studies on prominent malware and custom malware samples designed for the course shed light on reverse engineering and advanced forensics techniques. Application security vulnerabilities arising from Android components are also covered. The training also includes hands-on learning using vulnerable applications created for the course, and a wide range of real-world application vulnerabilities, to give in-depth knowledge of the different kinds of vulnerabilities in mobile applications.
Learning Objectives
Understand the Android System Architecture and AOSP source code
Learn about Android Tracing
Grasp Android Boot, Recovery, and Rooting processes
Get an understanding of the latest ARM64 instruction set, dynamic memory management and related vulnerabilities on the ARM platform
Acquire skills in ARM Reverse Engineering and exploit development
Learn how to customize and build Android Kernel for Vulnerability Research
Gain knowledge about Android Platform Permission, DAC, CAP, SECCOMP, and SELinux
Develop practical skills in fuzzing applications and processes on Android devices
Overview of Kernel protections and bypasses
Reverse engineering Android binaries (Apps and system binaries)
Get PoC applications to perform 1-click exploits on mobile apps
Get an intro to various common bug categories on Android systems
Learn to audit Android apps for security vulnerabilities
Understand and bypass anti-debugging and obfuscation techniques
Get a detailed walkthrough on using IDA Pro, Hopper, Frida, etc.
Learn how accessibility malware works, and how to reverse engineer well-known crypto wallet stealers
Learn how to symbolicate the Android kernel
Learn how to extract and decrypt boot images for Android devices
Become a Certified Android Security Researcher (CASR)
Framework Connections
The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):