Wanna learn some cool hacking shit?

I’ve started making training courses under my personal company, Malicious Erection LLC.

Right now, there’s only one course, but I have plans for more coureses in the future.

Pentesting Exploits Noted In Smartphones (Android Edition)

Learn some Android hacking techniques used in CVE exploits and hacking competitions

Udemy link: https://www.udemy.com/course/pentesting-exploits-noted-in-smartphones-android-edition/

Description

Are you an Android penetration tester looking to expand your skill set beyond the usual vulnerabilities and dive deep into the more advanced areas of Android security? This hands-on course is precisely for you.

It’s not just about examining exported activities and keystore access. This course delves into the intricacies of how Android applications communicate with each other. You’ll see firsthand how a malicious application can exploit misconfigurations in Intents, Content Providers, and other components to compromise or abuse target apps.

Using our Axolotl test application, created specifically for this course, you’ll practice building your own “attacker” application designed to exploit each discovered vulnerability. Real-life examples will help you connect the dots between theoretical knowledge and practical attacks frequently encountered in the wild. By the end, you’ll not only have honed your existing penetration testing expertise, but also gained the highly specialized insight needed to tackle loopholes in Android apps.

What this course covers:

  • Intent Mechanics: Explore getIntent(), Browsable Intents, NFC tag exploits, and MIME-type hijacking.

  • Unexported Content Providers: Abuse grantUriPermissions in ways typical testing overlooks.

  • WebView Vulnerabilities: Understand JavaScript Bridge threats, file access tricks, and Cross-Origin policy flaws.

  • Custom Permissions: Delve into custom permission structures for exploitation scenarios.

  • Loading Custom DEX Files: Dynamically inject malicious code into target apps to bypass security measures.

If you already understand the foundations of Android penetration testing and want to push the limits by exploring additional vulnerabilities and attack surfaces, this course is your gateway to the cutting edge of Android security.