• Home
  • Become a Hacker
    • Get Started
    • Hacker Mindset
    • Roadmap
    • Simple Setup – Hacker 101
    • Types of Hackers
    • Recommended Courses
  • Boot People Offline
  • Courses
    • All Hacking Courses
    • Cyber Security School
  • CTF
    • Beginners to Advanced Guide
    • Create your own CTF box
    • Field and Resources Guide
    • Platforms & Wargames
    • Tools Used for Solving CTF
    • Writeups
  • Dark Web
    • Beginners Guide
    • Darknet Markets
    • Darkweb 101 (Anonymity Guide)
    • Dark Web OSINT Tools
    • Hacking Forums
    • Latest News
    • Onion Links
  • Hacker Gadgets
  • Hacking Books
  • Tools Directory
Menu
  • Home
  • Become a Hacker
    • Get Started
    • Hacker Mindset
    • Roadmap
    • Simple Setup – Hacker 101
    • Types of Hackers
    • Recommended Courses
  • Boot People Offline
  • Courses
    • All Hacking Courses
    • Cyber Security School
  • CTF
    • Beginners to Advanced Guide
    • Create your own CTF box
    • Field and Resources Guide
    • Platforms & Wargames
    • Tools Used for Solving CTF
    • Writeups
  • Dark Web
    • Beginners Guide
    • Darknet Markets
    • Darkweb 101 (Anonymity Guide)
    • Dark Web OSINT Tools
    • Hacking Forums
    • Latest News
    • Onion Links
  • Hacker Gadgets
  • Hacking Books
  • Tools Directory
Search
Close
  • Home
  • 2019
  • May
  • 1
  • Android Application Penetration Testing Checklist

Android Application Penetration Testing Checklist

May 1, 2019 Comments Off on Android Application Penetration Testing Checklist
android penetration testing checklist android pentest mobile penetration testing mobile pentest checklist mobile pentest report

Android is the biggest organized base of any mobile platform and is developing fast—every day. Besides, Android is rising as the most extended operating system in this viewpoint because of different reasons.

However, as far as security, no data related to the new vulnerabilities that could prompt to a weak programming on this stage is being revealed, realizing that this stage has an outstanding attack surface.

Information gathering

Information Gathering is the most basic stride of an application security test. The security test should attempt to test however much of the code base as could reasonably be possible.

Therefore mapping every conceivable way through the code to encourage exhaustive testing is principal.

  • General Information. Rundown of general application information.
  • Testing for Common Libraries and Fingerprinting.
  • Rundown of application components and Component authorizations.
  • Reverse Engineering the Application Code.

Application Local Storage Flaws

Android gives a few alternatives to you to spare persevering application information. The storage you pick relies on upon your particular needs.

For example, regardless of whether the information should be private to your application or open to different applications (and the client) and how much space your data requires.

  • Sensible data found in logs and cache.
  • Putting away Sensitive Data on Shared Storage (presented to all applications with no restrictions).
  • Content Providers SQL Injection and Access Permissions.
  • Check if sensitive data stays there even after log out.
  • Privacy and Metadata Leaks.

Transport Layer Security

Encryption with Transport Layer Security continues prying eyes far from your messages while they’re in flying. TLS is a protocol that encodes and conveys data safely, for both inbound and outbound traffic data, it avoids spying.

  • Older Insecure Transport Layer Protocols.
  • TLS Weak Encryption(CRIME, BREACH, BEAST, Lucky13, RC4, etc) can be found with tools like (sslscan, sslyze, osaft etc.).
  • Insecure Data Storage.
  • Bypassing TLS Certificate Pinning.
  • TLS Authenticity Flaws.

IPC Security(Inter-process communication)

The Android IPC mechanisms allow you to verify the identity of the application connecting to your IPC and set security policy for each IPC mechanism.

  • Device Denial of Service attacks.
  • Permissions & Digital Signature Data Sharing Issues.
  • An illegitimate application could get access to sensitive data.
  • Uncovered Components and Cross-Application Authorization.

Untrusted Code

  •  Sensitive information disclosed in application error message.
  • JavaScript Execution Risks at WebViews.
  • Insecure permissions set by application through AndroidManifest.xml file.
  • Integer, Heap, and Stack Based Buffer Overflow.

Authentication Flaws

Authentication is a basic part of this procedure, yet even strong validation authentication can be undermined by imperfect credential management functions, including password change, forgot my password, remember my password, account update, and other related functions.

  • Authentication Inconsistency.
  • Cross Application Authentication.
  • Session handling errors.
  • Client Side Based Authentication Flaws.
  • The absence of account lockout policy.

Business logic vulnerability

vulnerabilities with components more centered around on design rather codification are incorporated. Both execution trick and the capacity of the application to work in a startling way influencing its work process are incorporated.

  • Check for server side validation.
  • Admin/user account compromise.
  • Check for root detection method/bypass it.
  • Bruteforce authentication.

Penetration Testing Android Server side checks

  • Check for client side injection (XSS).
  • Username enumeration.
  • SQL injection
  • Malicious file upload.
  • Check for all HTTP methods (PUT, DELETE etc. Use burp intruder using HTTP verb tampering).
  • Check for session management (cookie flaws, session overriding, session fixation etc.).
  • CAPTCHA implementation flaws & bypass.
  • Run nikto, dirb websever scanner.

Open Android Security Assessment Methodology

Android Security controls are structured in the following section for reference framework on Android application vulnerability assessments.

  • OASAM-INFO: Information Gathering: Information gathering and attack surface definition.
  • OASAM-CONF: Configuration and Deploy Management: Configuration and deploy assessment.
  • OASAM-AUTH: Authentication: Authentication assessment.
  • OASAM-CRYPT: Cryptography: Cryptography use assessment.
  • OASAM-LEAK: Information Leak: Confidential information leak assessment.
  • OASAM-DV: Data Validation:User entry management assessment.
  • OASAM-IS: Intent Spoofing: Intent reception management assessment.
  • OASAM-UIR: Unauthorized Intent Receipt:Intent resolution assessment.
  • OASAM-BL Business Logic: Application business logic assessment.

 

More Penetration Testing Checklists

  • Network Checklist
  • Cloud Checklist
  • Web server Checklist
  • WordPress Penetration testing
  • Mobile Application Checklists

Post navigation

Cloud Computing Penetration Testing Checklist & Important Considerations
Testing your VPN’s Encryption and Privacy – Complete Guide

Related Articles

RedCloud – Powerful Red Team Infrastructure deployment using Docker

- Pentesting
October 31, 2019

WindowsSpyBlocker – Block spying and tracking on Windows

- Firewall, Pentesting
May 5, 2019July 27, 2019

Cloud Computing Penetration Testing Checklist & Important Considerations

- Pentesting
May 1, 2019
hacker gadgets
hacker phone covers

Recent Posts

Heap_Detective - The Simple Way To Detect Heap Memory Pitfalls In C++ And C

Heap_Detective – The Simple Way To Detect Heap Memory Pitfalls In C++ And C

February 6, 2023
OneNoteAnalyzer: analyzing malicious OneNote documents

OneNoteAnalyzer: analyzing malicious OneNote documents

February 6, 2023
Winevt_Logs_Analysis - Searching .Evtx Logs For Remote Connections

Winevt_Logs_Analysis – Searching .Evtx Logs For Remote Connections

February 5, 2023
NJ Man Attempted to Hire a Hitman on the Dark Web

NJ Man Attempted to Hire a Hitman on the Dark Web

February 5, 2023
PlumHound v1.5.1 releases: Bloodhound for Blue and Purple Teams

PlumHound v1.5.1 releases: Bloodhound for Blue and Purple Teams

February 4, 2023
EAST - Extensible Azure Security Tool - Documentation

EAST – Extensible Azure Security Tool – Documentation

February 4, 2023

Social Media Hacking

SocialPath – Track users across Social Media Platforms

SocialPath – Track users across Social Media Platforms

- Social Media Hacking
October 16, 2019October 16, 2019

SocialPath is a django application for gathering social media intelligence on specific username. It checks for Twitter, Instagram, Facebook, Reddit...

SocialScan – Check Email Address and Username Availability on Online Platforms

SocialScan – Check Email Address and Username Availability on Online Platforms

June 17, 2019
Shellphish – Phishing Tool For 18 Social Media Apps

Shellphish – Phishing Tool For 18 Social Media Apps

June 10, 2019July 27, 2019
WhatsApp Hacking using QRLJacking

WhatsApp Hacking using QRLJacking

May 2, 2019May 19, 2019
How to Hack any Facebook Account with Z-Shadow

How to Hack any Facebook Account with Z-Shadow

April 26, 2019June 29, 2020
hacker buffs

About Us

Haxf4rall is a collective, a good starting point and provides a variety of quality material for cyber security professionals.

Join Our Community!

Please wait...
Get the latest News and Hacking Tools delivered to your inbox.
Don't Worry ! You will not be spammed

Active Members

Submit a Tool

Hackers Handbook 2018


Grab your copy here

ABOUT US

Haxf4rall is a collective, a good starting point and provides a variety of quality material for cyber security professionals.

Our primary focus revolves around the latest tools released in the Infosec community and provide a platform for developers to showcase their skillset and current projects.

COMPANY
  • Contact Us
  • Disclaimer
  • Hacker Gadgets
  • LANC Remastered
  • PCPS IP Puller
  • Privacy Policy
  • Sitemap
  • Submit your Tool
Menu
  • Contact Us
  • Disclaimer
  • Hacker Gadgets
  • LANC Remastered
  • PCPS IP Puller
  • Privacy Policy
  • Sitemap
  • Submit your Tool
Live Chat
RESOURCES
  • Attack Process
  • Become a Hacker
  • Career Pathways
  • Dark Web
  • Hacking Books
  • Practice Your Skills
  • Recommended Courses
  • Simple Setup – Hacker 101
Menu
  • Attack Process
  • Become a Hacker
  • Career Pathways
  • Dark Web
  • Hacking Books
  • Practice Your Skills
  • Recommended Courses
  • Simple Setup – Hacker 101
Get Started
TOOLBOX
  • Anonymity
  • Bruteforce
  • DoS – Denial of Service
  • Information Gathering
  • Phishing
  • SQL Injection
  • Vulnerability Scanners
  • Wifi Hacking
Menu
  • Anonymity
  • Bruteforce
  • DoS – Denial of Service
  • Information Gathering
  • Phishing
  • SQL Injection
  • Vulnerability Scanners
  • Wifi Hacking
Tools Directory

2014 – 2020 | Haxf4rall.com               Stay Connected:

Facebook Twitter Google-plus Wordpress
Please wait...

Join Our Community

Subscribe now and get your free HACKERS HANDBOOK

Don't Worry ! You will not be spammed
SIGN UP FOR NEWSLETTER NOW