Offensive Android Internals Course

Live On-Site / Live Virtual

BECOME A CERTIFIED ANDROID SECURITY ENGINEER

Learn the essential skills and techniques necessary to conduct comprehensive security audits of Android applications. Learn how to secure against an array of potential threats and vulnerabilities that target Android Devices.

What You Will Learn

This in-depth and immersive three-day program offers participants an opportunity to enhance their understanding of Android Internals, Reverse Engineering as well as Android Application Exploitation. It provides a broad understanding of Android system architecture, covering topics such as Android Drivers, Modules, Linux Kernel, and the Android Binder. Participants will gain hands-on experience in reverse engineering, exploit development basics for the ARM platform, and deep dive into memory management and related vulnerabilities.

The course also covers Android’s boot, recovery, rooting processes, and permissions, along with security features like DAC, CAP, SECCOMP, and SELinux. For a practical learning experience, the course covers how to extract and decrypt boot images for Android devices. The course covers hands-on exercises for symbolicating the Android kernel and porting exploits to other Android devices. Advanced Frida techniques such as custom tracing, profiling, and memory inspection are explored with real-world applications. Case studies on prominent malware and custom malware samples designed for the course shed light on reverse engineering and advanced forensics techniques. Application security vulnerabilities occurring due to Android components are also covered as a part of the course. The training also includes hands-on learning using vulnerable applications created for the course, and a wide range of real-world application vulnerabilities, in order to give in-depth knowledge about the different kinds of vulnerabilities in mobile applications.

On attending this course, you will get:

  • An attempt at the Certified Android Security Engineer (CASE) certification exam
  • Certificate of completion for the Training program
  • Source code for vulnerable applications
  • Source code for Exploit PoCs that can be used for Bug Bounties
  • Students will be provided with access to Corellium for Android hands-on for the duration of the course (Live On-site & Virtual Training only)
  • Students will be provided access to cloud instances for the duration of the course (Live On-site & Virtual Training only)
  • Slack access for the class and after for regular mobile security discussions (Live On-site & Virtual Training only)

Key Objectives

  • Understand the Android System Architecture and AOSP source code
  • Learn about Android Tracing
  • Grasp Android Boot, Recovery, and Rooting processes
  • Get an understanding of the latest ARM64 instruction set, dynamic memory management and related vulnerabilities on the ARM platform
  • Acquire skills in ARM Reverse Engineering and exploit development
  • Learn how to customize and build Android Kernel for Vulnerability Research
  • Gain knowledge about Android Platform Permission, DAC, CAP, SECCOMP, and SELinux
  • Develop practical skills in fuzzing applications and processes on Android devices
  • Overview of Kernel protections and bypasses
  • Reverse engineering Android binaries (Apps and system binaries)
  • Get PoC applications to perform 1 click exploits on Mobile apps
  • Get an intro to various common bug categories on Android systems
  • Learn to audit Android apps for security vulnerabilities
  • Understand and bypass anti-debugging and obfuscation techniques
  • Get a detailed walkthrough on using IDA Pro, Hopper, Frida, etc
  • Learn how accessibility malware works, and how to reverse engineer well-known crypto wallet stealers
  • Learn how to symbolicate the Android kernel
  • Learn how to extract and decrypt boot images for Android devices
  • Become a Certified Android Security Engineer (CASE)

Duration

3 Days

Who Should Attend?

This course is designed for vulnerability researchers, malware analysts, penetration testers, mobile developers, and anyone eager to learn more about the workings of Android devices and applications.

Laptop Requirements

  • Laptop with: 8+ GB RAM and 40 GB hard disk space
  • Students will be provided with access to Linux cloud instances (Live On-site & Virtual Training only)
  • Students will be provided with access to Corellium for Android hands-on (Android standard emulators will be used as necessary) (Live On-site & Virtual Training only)
  • Administrative access on the system

Detailed Course Setup instructions and Slack access will be sent a few weeks prior to the class (Live On-site & Virtual Training only)

Syllabus

  • Key Concepts and Terminologies
  • Introduction to Hopper/Ghidra
  • Introduction to the ARM64 instruction set
  • ARM64 security mitigations
  • ARM64 calling convention
  • Introduction to Java and Kotlin
  • Disassembling methods
  • Modifying assembly instructions
  • Identifying Native Code 
  • Understanding the Program flow
  • Identifying Cross-Platform mobile frameworks
  • Reversing ARM binaries
  • Exploiting a simple Heap Overflow
  • Building a simple ROP chain
  • Breaking ASLR with Info leaks/Brute force 
  • Exploit mitigations (ASLR, Heap Poisoning, PAN, etc)
  • Android Security Architecture
  • Extracting APK files from Google Play
  • Understanding Android application structure
  • Signing Android applications
  • Understanding Android ADB
  • Understanding the Android file system
  • Permission Model Flaws
  • Attack Surfaces for Android applications
  • Understanding Android Components
  • Introducing Android Emulator
  • Introducing Android AVD
  • Setting up Android Pentest Environment
  • Process of Android Apps Engineering
  • Reverse Engineering for Android Apps
  • Smali Learning Labs
  • Examining Smali files
  • Dex Analysis and Obfuscation
  • Reversing Obfuscated Android Applications
  • Exploiting Android Accessibility Permissions
  • Reverse Engineering known complex Malware in the Wild
  • Patching Android Applications
  • Android App Hooking
  • Proxying Android Traffic
  • Exploiting Local Storage
  • Exploiting Weak Cryptography
  • Exploiting Side Channel Data Leakage
  • Exploiting Content Provider Path Traversal & Info Leakage 
  • Multiple Manual and Automated Root Detection and Bypass Techniques
  • Exploiting Weak Authorization mechanism
  • Identifying and Exploiting Android Components
  • Exploiting Android NDK
  • Android Game Hacking
  • Multiple Manual and Automated SSL Pinning Bypass techniques
  • Exploiting Android Google Play Billing
  • Firebase Exploitation
  • Exploiting Biometric Authentication
  • In-memory tampering
  • Exploit Zip Path Traversal/ZipperDown
  • Exploiting Flutter Applications
  • Exploiting AWS Cognito Misconfiguration
  • Exploiting Android Deep Links and WebViews
  • Exploiting Crypto using Frida
  • Basic App Exploitation techniques using Frida
  • Dumping Class Information using Frida
  • Dumping Method Information using Frida
  • Viewing and Changing Information using Frida
  • Calling Arbitrary functions using Frida
  • Tracing using Frida
  • Advanced App Exploitation techniques using Frida
  • Frida on non-rooted Android
  • Detecting Patched Android Applications
  • App Integrity Protection
  • Detecting Malicious Libraries
  • Detecting Emulator/Rooted Devices
  • Secure Implementation of WebViews
  • Implementing Anti-Debug Checks
  • Detecting Suspicious Device Reset
  • Detecting Proxied Applications
  • Android Boot process and Bootloader interaction
  • Customizing and Building Android Kernel for Vulnerability Research
  • Android Rooting Process
  • Debugging Android Kernel and binaries
  • Extract Android kernel from Boot image
  • Symbolicating the Android Kernel
  • Privilege Escalation on Android
  • SELinux explained
  • Overview of Kernel protections and bypasses

Prerequisites

To successfully participate in this course, attendees should possess the following:

  • Working knowledge of cybersecurity and pentesting fundamentals
  • Basic working knowledge of Android platform
  • Basic Linux skills and command-line proficiency
  • Understanding of fundamental programming concepts and looping structures in at least one higher-level language (Java, Kotlin, C, C++, or similar)
  • Basic ARM/AARCH64 binary assembly and exploitation knowledge is recommended, but not required

CERTIFIED ANDROID SECURITY ENGINEER (CASE)

This course is designed for vulnerability researchers, penetration testers, mobile developers, and anyone eager to understand the inner workings of the Android platform and applications. This course prepares you for the Certified Android Security Engineer (CASE) certification exam, a hands-on assessment specifically designed to test your grasp of advanced Android security domains including userland and kernel components.

Exam Duration: 24 hours

TRUSTED TRAINING PROVIDERS

Our trainers boast more than ten years of experience delivering diverse training sessions at conferences such as Blackhat, HITB, Power of Community, Zer0con, OWASP Appsec, and more.

Take Your Skills To The Next Level

OUR MODES OF TRAINING

ON DEMAND

USD $899 onwards

Ideal for Individuals
 
  • Flexibility of self-paced learning
  • Instant access to course materials upon purchase
  • Extensive labs and self-assessments
  • Repeatability of Course Content
  • Certification exam 

LIVE VIRTUAL

GET IN TOUCH FOR PRICING

Perfect for Teams in Multiple Locations
 
  • Real-time interaction with our expert trainers over Zoom
  • Customizable content tailored to your team’s needs
  • Continued support after the training
  • Certification exam

LIVE ON-SITE

GET IN TOUCH FOR PRICING

Perfect for Teams in One Location
 
  • Real-time interaction with our expert trainers at an onsite location
  • Customizable content tailored to your team’s needs
  • Continued support after the training
  • Certification exam

FAQ

Our Live Virtual and On-Site sessions replicate the interactive classroom experience, fostering real-time collaboration and engagement among participants.

While prior experience is helpful, the course is designed to accommodate various skill levels. It provides a structured learning path, starting from foundational concepts and progressing to advanced techniques.

The preparation time for the Certification varies based on your individual learning pace and level of engagement post-training. On average, participants spend a few days to several weeks preparing, which includes both theoretical learning and hands-on lab practice. It is recommended to spend at least 2-3 weeks practicing before attempting the Certification Exam after the training.

No, the training that you purchase from 8kSec, including the course materials, is exclusively for your individual use. You may not reproduce, distribute or display (post/upload) lecture notes, or recordings, or course materials in any other way, whether or not a fee is charged, without the express written consent of 8kSec.

For On-Site/Virtual Courses during private trainings/conferences, we provide a customized certificate after the completion of the course. Please note that the Certificate of Course Completion is different from the one obtained after clearing the Certification exam.

We provide Certification exams exclusively to registered training participants. The cost of the Certification exam is bundled into the pricing of every training package purchased.

For Virtual/Live Trainings, we will provide you access to our Lab environment and an instruction guide during the training.

Once you submit your report, one of the members of our review board will review the report and provide you with the results in 3 business days.

The fee to retake the certification exam is USD $119. To schedule your re-examination, simply email info@8ksec.io and our logistics team will be in touch.

You can find our Training Schedule at https://8ksec.io/public-training/. To schedule a Live Virtual or Live On-site private training for a group of 5+ attendees, email trainings@8ksec.io and our logistics team will get in touch with you to organize one.

The information on this page is subject to change without notice.

CONTACT US

Please share with us the project requirements and the goals you want to achieve, and one of our sales representatives will contact you within one business day.

Our Location

51 Pleasant St # 843, Malden, MA, Middlesex, US, 02148

General and Business inquiries

contact@8ksec.io

Trainings

trainings@8ksec.io

Press

press@8ksec.io

Phone

+1(347)-4772-006