undrgrnd Cliquez ici Baby ValentinB nav-sa-clothing-shoes nav-sa-clothing-shoes Cloud Drive Photos cliquez_ici nav_HPTV Cliquez ici Acheter Fire Acheter Kindle Paperwhite cliquez_ici Jeux Vidéo Montres soldes Bijoux Soldes

Envoyer sur votre Kindle ou un autre appareil

 
 
 

Essai gratuit

Découvrez gratuitement un extrait de ce titre

Envoyer sur votre Kindle ou un autre appareil

Désolé, cet article n'est pas disponible en
Image non disponible pour la
couleur :
Image non disponible
 

Learning Pentesting for Android Devices [Format Kindle]

Aditya Gupta

Prix conseillé : EUR 14,76 De quoi s'agit-il ?
Prix livre imprimé : EUR 23,19
Prix Kindle : EUR 10,33 TTC & envoi gratuit via réseau sans fil par Amazon Whispernet
Économisez : EUR 12,86 (55%)

  • Longueur : 154 pages
  • Langue : Anglais
  • En raison de la taille importante du fichier, ce livre peut prendre plus de temps à télécharger
  • Vous n'avez pas encore de Kindle ? Achetez-le ici Ou commencez à lire dès maintenant avec l'une de nos applications de lecture Kindle gratuites.
App de lecture Kindle gratuite Tout le monde peut lire les livres Kindle, même sans un appareil Kindle, grâce à l'appli Kindle GRATUITE pour les smartphones, les tablettes et les ordinateurs.

Pour obtenir l'appli gratuite, saisissez votre adresse e-mail ou numéro de téléphone mobile.

Formats

Prix Amazon Neuf à partir de Occasion à partir de
Format Kindle EUR 10,33  
Broché EUR 23,19  
-40%, -50%, -60%, -70%... Découvrez les Soldes Amazon jusqu'au 16 février 2016 inclus. Profitez-en !





Les clients ayant acheté cet article ont également acheté

Cette fonction d'achat continuera à charger les articles. Pour naviguer hors de ce carrousel, veuillez utiliser votre touche de raccourci d'en-tête pour naviguer vers l'en-tête précédente ou suivante.

Descriptions du produit

Présentation de l'éditeur

A practical guide to learning penetration testing for Android devices and applications

About This Book


  • Explore the security vulnerabilities in Android applications and exploit them

  • Venture into the world of Android forensics and get control of devices using exploits

  • Hands-on approach covers security vulnerabilities in Android using methods such as Traffic Analysis, SQLite vulnerabilities, and Content Providers Leakage


Who This Book Is For

This book is intended for all those who are looking to get started in Android security or Android application penetration testing. You don't need to be an Android developer to learn from this book, but it is highly recommended that developers have some experience in order to learn how to create secure applications for Android.

What You Will Learn


  • Understand the basics of Android Security Architecture and Permission Model Bypassing

  • Use and explore Android Debug Bridge (ADB)

  • Study the internals of an Android application from a security viewpoint

  • Learn to reverse an Android application

  • Perform the Traffic Analysis on Android devices

  • Dive into the concepts of Android forensics and data acquisition

  • Acquire the knowledge of Application Level vulnerabilities and exploitation such as Webkit-Based Exploitation, Root Exploits, and Use After free vulnerabilities

  • Write a penetration testing report for an Android application auditing project

In Detail

Android is the most popular mobile smartphone operating system at present, with over a million applications. Every day hundreds of applications are published to the PlayStore, which users from all over the world download and use. Often, these applications have serious security weaknesses in them, which could lead an attacker to exploit the application and get access to sensitive information. This is where penetration testing comes into play to check for various vulnerabilities.

Learning Pentesting for Android is a practical and hands-on guide to take you from the very basic level of Android Security gradually to pentesting and auditing Android. It is a step-by-step guide, covering a variety of techniques and methodologies that you can learn and use in order to perform real life penetration testing on Android devices and applications.

The book starts with the basics of Android Security and the permission model, which we will bypass using a custom application, written by us. Thereafter we will move to the internals of Android applications from a security point of view, and will reverse and audit them to find the security weaknesses using manual analysis as well as using automated tools.


We will then move to a dynamic analysis of Android applications, where we will learn how to capture and analyze network traffic on Android devices and extract sensitive information and files from a packet capture from an Android device. We will then learn some different ways of doing Android forensics and use tools such as Lime and Volatility. After that, we will look into SQLite databases, and learn to find and exploit the injection vulnerabilities. Also, we will look into webkit-based vulnerabilities; root exploits, and how to exploit devices to get full access along with a reverse connect shell. Finally, we will learn how to write a penetration testing report for an Android application auditing project.

Biographie de l'auteur

Aditya Gupta

Aditya Gupta is the founder and trainer of Attify, a mobile security firm, and leading mobile security expert and evangelist. Apart from being the lead developer and cocreator of Android framework for exploitation, he has done a lot of indepth research on the security of mobile devices, including Android, iOS, and Blackberry, as well as BYOD Enterprise Security. He has also discovered serious web application security flaws in websites such as Google, Facebook, PayPal, Apple, Microsoft, Adobe, Skype, and many more. In his previous work at Rediff.com, his main responsibilities were to look after web application security and lead security automation. He also developed several internal security tools for the organization to handle the security issues. In his work with XYSEC, he was committed to perform VAPT and mobile security analysis. He has also worked with various organizations and private clients in India, as well as providing them with training and services on mobile security and exploitation, Exploit Development, and advanced web application hacking. He is also a member of Null—an open security community in India, and an active member and contributor to the regular meetups and Humla sessions at the Bangalore and Mumbai Chapter. He also gives talks and trainings at various security conferences from time to time, such as BlackHat, Syscan, Toorcon, PhDays, OWASP AppSec, ClubHack, Nullcon, and ISACA. Right now he provides application auditing services and training. He can be contacted at adi@attify.com or @adi1391 on Twitter.


Détails sur le produit

  • Format : Format Kindle
  • Taille du fichier : 15809 KB
  • Nombre de pages de l'édition imprimée : 154 pages
  • Editeur : Packt Publishing (26 mars 2014)
  • Vendu par : Amazon Media EU S.à r.l.
  • Langue : Anglais
  • ASIN: B00JAAW0ZY
  • Synthèse vocale : Activée
  • X-Ray :
  • Word Wise: Non activé
  • Composition améliorée: Activé
  • Classement des meilleures ventes d'Amazon: n°518.744 dans la Boutique Kindle (Voir le Top 100 dans la Boutique Kindle)

En savoir plus sur l'auteur

Découvrez des livres, informez-vous sur les écrivains, lisez des blogs d'auteurs et bien plus encore.

Commentaires en ligne

Il n'y a pas encore de commentaires clients sur Amazon.fr
5 étoiles
4 étoiles
3 étoiles
2 étoiles
1 étoiles
Commentaires client les plus utiles sur Amazon.com (beta)
Amazon.com: 4.4 étoiles sur 5  9 commentaires
1 internautes sur 1 ont trouvé ce commentaire utile 
5.0 étoiles sur 5 A book to understand how an Android application works and how to make it more secure 19 juin 2014
Par Fabio Radin - Publié sur Amazon.com
Format:Broché
I really love this book! "Learning Pentesting for Android Devices" is a book for all curious guys that want to understand how things are working inside their Android device. The goal of the book is to explore which vulnerability and issues could be present in an Android application and how to prevent and to reveal them. This is just an interesting argument, but what is really more interesting is the way to reach this goal: becoming for a couple of hours an "hacker" and jump on the dark side of the development! Yes, because decompiling, reverse engineering, exploiting and attacking will be really more clear to you after reading this book!

The book starts with a couple of chapters about Android howtos: what is an Android app, how it is generated and which tools should be used to achieve the goal. After that, Aditya brings you on the reverse path: in chapter 3, starting from an app, he brings you to the source code! There is a very clear description about which tools could be used, how to use them and which limits you could experiencing during this adventure. In chapter 4, the classical network attacks are explored: network traffic analysis, proxy interception, man in the middle and so on.

More or less after an half of the book, Aditya starts with a very not so common description of Android vulnerability and attacks (from the device point of view!). This is really uncommon and very very interesting for understanding how the Android phone you have in pocket is made. A specific chapter is dedicated to SQLite, one of the most common SQL database deployed in several millions of devices and to the WebView, one of the most common Android widget.

In the end, even if this book is for every developer with a basic knowledge about Android programming, I must suggest it to everyone has intention to start and develop an Android app. Your app will be surely more secure in the end and there will be no risk about finding the source code of your app in internet!
1 internautes sur 1 ont trouvé ce commentaire utile 
4.0 étoiles sur 5 good introductory book for Android security and vulnerabilities 22 juin 2014
Par ramakrishna - Publié sur Amazon.com
Format:Broché
This is a great book for those who would like to explore and experiment about android application and platform security. Authors have designed the book very well beginning with basics of android security architecture and going deeper into the nuances of the platform security. The tools that are explained here really helps the testers for auditing and perform reverse engineering the android applications and also helps in understanding different kinds of android vulnerabilities and attacks.
4.0 étoiles sur 5 detailed advice 3 mai 2014
Par W Boudville - Publié sur Amazon.com
Format:Broché
Android is the most popular phone operating system in the world, measured by unit volume. Probably also by total revenue. Apple gets more profit per handset, but sells fewer. Developers of Android applications should be aware of how to protect against intrusion. The first chapter is just a run through of the layout of the operating system. A version of linux optimised for mobile platforms.

It might help if you already have developed for a virtual machine environment. Since each application runtime instance runs within its own VM. But the point of divergence from laptop or desktop VMs is that here the VM framework is used for performance and not security. In large part, the rest of the book flows from this observation.

Eclipse is the development platform used. Good, because it is free and heavily tested and maintained. Turns out, it has an option, that makes an Android Virtual Machine Device Manager. This runs an Android virtual device. So you develop and test on a desktop with emulation. The text takes you through how all this can be done, with simple examples. Of these, take careful note of the Burp proxy. It can sniff [analyse] the network traffic. This is an important way to find vulnerabilities in an application. An entire chapter goes into other ways to do traffic analysis. Passive and active. The latter is a little harder maybe. But it lets you debug by stepping through the stages of a given network interaction between an app and its server.

Another very useful tool is for reverse engineering an existing Android app. If you have coded in java, you may be aware of programs to do likewise for java bytecode. Conceptually, it's the same idea for Android.
4.0 étoiles sur 5 Good start for a Android security novice 16 juin 2014
Par Khirulnizam - Publié sur Amazon.com
Format:Broché
Good start for a Android security novice

I would consider myself new to Android apps security aspects. However I've found this book easy to follow. As the step by step approach to a penetration testing process is easy to follow.

At the end of the book, there's a sample of a pentest report, that's considered a helpful document.
1 internautes sur 2 ont trouvé ce commentaire utile 
5.0 étoiles sur 5 Excellent content and very well explained. 9 avril 2014
Par Shivang Desai - Publié sur Amazon.com
Format:Broché
I got the book delivered to me a week back, and have gone through all the chapters as well. The book really serves the one purpose for which it has been written for - To give an introduction to the various security aspects in Android, such as finding vulnerabilities in Applications, auditing them, reverse engineering, forensics and so on.

The ARM Exploitation chapter was quite tough to understand, but after 2-3 reads, everything made perfect sense to me. I wish the book was a bit longer, but still it's fine as everything is to the point. Do not expect to find much theoretical topics in the book, as it is completely hands-on. Even some of the latest vulnerabilities such as the Webview exploitation and XAS was given in how-to manner in the book, which was easy to follow.

Overall a nice Android Security book, and must to be have by anyone interested into Android Security.
Ces commentaires ont-ils été utiles ?   Dites-le-nous

Discussions entre clients

Le forum concernant ce produit
Discussion Réponses Message le plus récent
Pas de discussions pour l'instant

Posez des questions, partagez votre opinion, gagnez en compréhension
Démarrer une nouvelle discussion
Thème:
Première publication:
Aller s'identifier
 

Rechercher parmi les discussions des clients
Rechercher dans toutes les discussions Amazon
   


Rechercher des articles similaires par rubrique