Android Security Cookbook

Book Description

Practical recipes to delve into Android’s security mechanisms by troubleshooting common vulnerabilities in applications and Android OS versions

Overview

• Analyze the security of Android applications and devices, and exploit common vulnerabilities in applications and Android operating systems
• Develop custom vulnerability assessment tools using the Drozer Android Security Assessment Framework
• Reverse-engineer Android applications for security vulnerabilities
• Protect your Android application with up to date hardening techniques

In Detail

Android Security Cookbook discusses many common vulnerabilities and security related shortcomings in Android applications and operating systems. The book breaks down and enumerates the processes used to exploit and remediate these vulnerabilities in the form of detailed recipes and walkthroughs.

The book also teaches readers to use an Android Security Assessment Framework called Drozer and how to develop plugins to customize the framework.

Other topics covered include how to reverse-engineer Android applications to find common vulnerabilities, and how to find common memory corruption vulnerabilities on ARM devices. In terms of application protection this book will show various hardening techniques to protect application components, the data stored, secure networking. In summary, Android Security Cookbook provides a practical analysis into many areas of Android application and operating system security and gives the

What you will learn from this book

• Set up the Android development tools and frameworks
• Engage in Application security concepts
• Use the Drozer Android Security Assessment Framework
• Customize and develop your own plugins for the Drozer Framework
• Exploit, enumerate, and analyze common application level exploits
• Protect applications from common vulnerabilities and exploits
• Reverse-engineer applications for common code level vulnerabilities
• Secure application networking, SSL/TLS
• Encryption to protect application data

Approach

“Android Security Cookbook’ breaks down and enumerates the processes used to exploit and remediate Android app security vulnerabilities in the form of detailed recipes and walkthroughs.

Who this book is written for

“Android Security Cookbook” is aimed at anyone who is curious about Android app security and wants to be able to take the necessary practical measures to protect themselves; this means that Android application developers, security researchers and analysts, penetration testers, and generally any CIO, CTO, or IT managers facing the impeding onslaught of mobile devices in the business environment will benefit from reading this book.

Table of Contents

Chapter 1: Android Development Tools
Chapter 2: Engaging with Application Security
Chapter 3: Android Security Assessment Tools
Chapter 4: Exploiting Applications
Chapter 5: Protecting Applications
Chapter 6: Reverse Engineering Applications
Chapter 7: Secure Networking
Chapter 8: Native Exploitation and Analysis
Chapter 9: Encryption and Developing Device Administration Policies

中文：

书名：Android Security Cookbook

通过解决应用程序和Android操作系统版本中的常见漏洞来深入研究Android安全机制的实用食谱

Overview

• 分析Android应用程序和设备的安全性，利用应用程序和Android操作系统中的常见漏洞
• 使用Drozer Android安全评估框架开发自定义漏洞评估工具
• 针对安全漏洞对Android应用程序进行反向工程
• 使用最新的强化技术保护您的Android应用程序

详细地说

《Android安全指南》讨论了Android应用程序和操作系统中的许多常见漏洞和安全相关缺陷。这本书以详细的食谱和演练的形式细分并列举了用于利用和补救这些漏洞的过程。

这本书还教读者使用一个名为Drozer的Android安全评估框架，以及如何开发插件来定制该框架。

其他主题包括如何对Android应用程序进行反向工程以查找常见漏洞，以及如何查找ARM设备上的常见内存损坏漏洞。在应用程序保护方面，本书将展示各种加固技术，以保护应用程序组件、存储的数据、安全网络。总之，Android Security Cookbook提供了对Android应用程序和操作系统安全的多个领域的实用分析，并给出了

What you will learn from this book

• 设置Android开发工具和框架
• Engage in Application security concepts
• Use the Drozer Android Security Assessment Framework
• 为Drozer框架定制和开发您自己的插件
• 利用、枚举和分析常见的应用程序级利用
• 保护应用程序免受常见漏洞和利用
• Reverse-engineer applications for common code level vulnerabilities
• 安全的应用程序网络、SSL/TLS
• 加密以保护应用程序数据

方法

Android安全指南&#8217；以详细的配方和演练的形式细分并列举了用于利用和修复Android应用程序安全漏洞的进程。

这本书是为谁写的

Android Security Cookbook&#8220；Android Security Cookbook&#8221；面向对Android应用程序安全感兴趣并希望能够采取必要的实际措施保护自己的任何人；这意味着Android应用程序开发人员、安全研究人员和分析师、渗透测试人员，以及任何在商业环境中面临移动设备阻碍冲击的CIO、CTO或IT经理，都将从阅读这本书中受益。

目录表

第1章：Android开发工具
第2章：解决应用程序安全问题
第三章：Android安全评估工具
第4章：开发应用程序
第5章：保护应用程序
第6章：逆向工程应用
第7章：安全网络
第八章：本土剥削与分析
第9章：加密和制定设备管理策略