On This Page

Android Application Hacking - PenTesting, Reversing and Researching Mobile Apps

Erez Metula, AppSec Labs | August 4-5 & August 6-7


Analyzing an Android application requires you to know a lot of things. This course covers everything you need to know in order to pentest, reverse, and research android apps. By taking this course, you will be able to perform deep analysis of Android mobile applications and expose potential vulnerabilities in the tested application. You will learn how to perform static analysis, traffic manipulation, memory dumps, smali and native debugging, code modification and dynamic analysis – from zero knowledge of the APK to full exploitation. It is a highly hands-on course and includes a lab environment for encountering real world challenges and practicing how to overcome them. Students of this course will also learn how to operate and make the best of the AppUse Android application PenTesting platform, from its own creators.
It is based on our experience while performing hundreds of penetration testing and researching of android applications.

Among the topics you will learn about:
  • Android execution model – The android OS, differences from other Linux based machines, rooting, using an emulator VS a real device, the android runtime, Dalvik VS. ART, android security mechanisms, permissions
  • Static analysis - The APK file package, APK extraction, classes.dex, using assembler/disassembler, decompilation, handling obfuscated code
  • Patching – Code patching, changing the app behavior, repackaging, resigning
  • Dynamic analysis - Monitoring process activity, analyzing logs using logcat, Memory dumps and analysis, smali/native debugging , Setting breakpoints, Dynamic manipulation using exposed and Frida
  • Traffic manipulation - Common vulnerabilities related to traffic, using Proxies and sniffers to while manipulation traffic, Bypassing certificate validations and cert pinning
  • Data storage – Internal vs. external storage, while to find sensitive files, analyzing and patching android SQLIte DB
  • Component security – Component types, Component permissions and visibility , spoofing calls to components, Unprotected content providers
  • IPC – Talking with other apps on the same device, intents, direct component invocation by unauthorized apps, accessing restricted screens

Who Should Take this Course

Members of the security / software development team:
  • Penetration testers
  • Malware researchers
  • Android developers

Student Requirements

Before attending this course, students should be familiar with:
  • Common security concepts
  • Basic knowledge of the Linux OS
  • Development background

What Students Should Bring

Laptop - Please make sure that each machine has:
  • At least 8GB of RAM
  • 20GB of free HD space
  • Vmware player (free) or vmware workstation (commercial)

Android device & cables - optional

What Students Will Be Provided With

  • Slides booklet
  • Labs booklet
  • AppUse Pro Android VM containing all tools, runtime, target apps, scripts, etc. - https://appsec-labs.com/appuse/
  • Certificate of completion
  • Access to AppSec Labs' LMS (learning management system), at https://appsec-labs.com/education/)


Erez Metula is the founder and Chairman of AppSec Labs, a leading company in the field of application security. He is the author of the book "Managed Code Rootkits", and is a world renowned application security expert. Erez has extensive hands-on experience performing security assessments, code reviews and secure development trainings for worldwide organizations, and had previously talked at international security conferences such as BlackHat, Defcon, OWASP, RSA, SOURCE, CanSecWest and more. Erez is a frequent trainer at BlackHat, providing cutting edge security training for developers and penetration testers. Erez had helped companies from all sizes, from startups to fortune 500 organizations. Erez focuses on advanced application security topics and has performed extensive ground breaking research on mobile application and IoT security. Erez holds an MSc in computer science and he is CISSP.