Learn Android Security

Here we have collected a list of articles which can help beginners to start learning android security.

Before starting with Learning android specific Security issues it would make sense to start with some generic approach and hence its best suited to start with learning about OWASP Mobile Security Project and OWASP Mobile security Top 10

To further dig deep in Android Specific sections Here i am listed multiple sources which can be referred and used to understand Android Security.
(I have listed all articles which would be helpful however some of the tools listed in them may not run in Android Tamer due to architectural limitation).

You can find various presentations i have made aroundAndroidTamer listed here

I have personally been taking session on OWASP Mobile Top 10 at Null Banagalore Chapter Meets Here i have listed the slides that i have created for those purposes.

This is still not finished and slides will be added around the other sections of the OWASP Mobile top 10.

A 4 part series by Prateek Gyanchandani on Android application Pentesting using insecure Bank

1. Part 1
2. Part 2
3. Part 3
4. Part 4

A fellow researcher Srinivas has written multiple articles at Info Sec Institute using Android Tamer Here are a list of those articles.

1. Cracking DIVA Part – 1
2. Cracking DIVA Part – 2
3. Cracking DIVA Part – 3
4. Cracking DIVA Part – 4
5. Cracking DIVA Part – 5
6. Android Tamer : A Walk-through
7. Introduction to Android Forensics
8. Part 1
9. Part 2
10. Part 3
11. Part 4
12. Part 5
13. Part 6
14. Part 7
15. Part 8
16. Part 9
17. Part 10
18. Part 11
19. Part 12
20. Part 13
21. Part 14
22. Part 15
23. Part 16

Another Fellow Researcher Aditya Agrawal is working on series of Android Security related articles, Linked below.

1. Android Application Security Part 1- Setup Mobile Pentesting Platform
2. Android Application Security Part 2- Understanding Android Operating System
3. Android Application Security Part 3- Android Application Fundamentals
4. Android Application Security Part 3- – Get to know about your Arsenals
5. Android Application Security Part 5 – Drozer
6. Android Application Security Part 6-Let the Fun Begin
7. Android Application Security Part 7-Understanding AndroidManifest.xml File
8. Android Application Security Part 8 – Insecure Data Storage
9. Android Application Security Part 9 – Binary Protections
10. Android Application Security Part 10 – Insufficient Transport Layer Protection
11. Android Application Security Part 11 – Unintended Data Leakage
12. Android Application Security Part 12 – Poor Authentication And Authorization
13. Android Application Security Part 13 – Broken Cryptography
14. Android Application Security Part 14 – Security Decisions via Untrusted Input
15. Android Application Security Part 15 – Attacking Content Providers
16. Android Application Security Part 16 – Attacking Services
17. Android Application Security Part 17 – Attacking Activities
18. Android Application Security Part 18 – Attacking Broadcast Receivers
19. Android Application Security Part 19 – Improper Session Handling
20. Android Application Security Part 20 – Client Side Injections
21. Android Application Security Part 21 – Exploiting Debuggable Applications
22. Android Application Security Part 22 – Developer Backdoor
23. Android Application Security Part 23 – Spoofing your location in Play Store
24. Android Application Security Part 24 – Configuring your Device for Pentesting
25. Android Application Security Part 25 – Install Google Play Store in Genymotion
26. Android Application Security Part 26 – Intercept Traffic on Android version after 4.2.2

Do suggest if you feel some other beginner friendly resources are being missed out here. Add your contributions via comment form and we will add you as a contributor on this page.