├── img
    └── androidsec.png
├── LICENSE
└── README.md


/img/androidsec.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/saeidshirazi/awesome-android-security/HEAD/img/androidsec.png


--------------------------------------------------------------------------------
/LICENSE:
--------------------------------------------------------------------------------
 1 | MIT License
 2 | 
 3 | Copyright (c) 2020 Saeid Ghasemshirazi
 4 | 
 5 | Permission is hereby granted, free of charge, to any person obtaining a copy
 6 | of this software and associated documentation files (the "Software"), to deal
 7 | in the Software without restriction, including without limitation the rights
 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 9 | copies of the Software, and to permit persons to whom the Software is
10 | furnished to do so, subject to the following conditions:
11 | 
12 | The above copyright notice and this permission notice shall be included in all
13 | copies or substantial portions of the Software.
14 | 
15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21 | SOFTWARE.
22 | 


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
  1 | # Awesome-Android-Security ![awesome](https://awesome.re/badge.svg)
  2 | ![Screenshot](img/androidsec.png)
  3 | 
  4 |  
  5 | 
  6 | 
  7 | # Table of Contents
  8 | - [Blog](#blog)
  9 | - [How To's](#how-tos)
 10 | - [Papers](#paper)
 11 | - [Books](#books)
 12 | - [Trainings](#Trainings)
 13 | - [Tools](#tools)
 14 |   * [Static Analysis Tools](#Static-Analysis)
 15 |   * [Dynamic Analysis Tools](#Dynamic-Analysis)
 16 |   * [Online APK Analyzers](#Online-APK-Analyzers)
 17 |   * [Online APK Decompiler](#Online-APK-Decompiler)
 18 |   * [Forensic Analysis Tools](#Forensic-Analysis)
 19 | - [Labs](#labs)
 20 | - [Talks](#talks)
 21 | - [Misc](#misc)
 22 | - [Bug Bounty & Writeups](#Bug-Bounty-&-Writeup)
 23 | - [Cheat Sheet](#Cheat-Sheet)
 24 | - [Checklist](#Checklist)
 25 | - [Bug Bounty Report](#Bug-Bounty-Report)
 26 | 
 27 | # Blogs
 28 | 
 29 | * [1-click Exploit in South Korea's biggest mobile chat app](https://stulle123.github.io/posts/kakaotalk-account-takeover/)
 30 | * [20 Security Issues Found in Xiaomi Devices](https://blog.oversecured.com/20-Security-Issues-Found-in-Xiaomi-Devices/)
 31 | * [Bypass Instagram and Threads SSL pinning on Android](https://github.com/Eltion/Instagram-SSL-Pinning-Bypass)
 32 | * [Reverse Engineering Android game Coin Hunt World and its communication protocol to cheat the app](https://research.nccgroup.com/2023/05/31/reverse-engineering-coin-hunt-worlds-binary-protocol/)
 33 | * [Discovering vendor-specific vulnerabilities in Android](https://blog.oversecured.com/Discovering-vendor-specific-vulnerabilities-in-Android/)
 34 | * [Technical analysis of Alien android malware](https://muha2xmad.github.io/malware-analysis/alien/)
 35 | * [Lock Screen Bypass Exploit of Android Devices (CVE-2022–20006)](https://medium.com/maverislabs/lock-screen-bypass-exploit-of-android-devices-cve-2022-20006-604958fcee3a)
 36 | * [Analysis of Android banking Trojan MaliBot that is based on S.O.V.A banker](https://www.f5.com/labs/articles/threat-intelligence/f5-labs-investigates-malibot)
 37 | * [Pending Intents: A Pentester’s view](https://valsamaras.medium.com/pending-intents-a-pentesters-view-92f305960f03)
 38 | * [Android security checklist: theft of arbitrary files](https://blog.oversecured.com/Android-security-checklist-theft-of-arbitrary-files/)
 39 | * [Protecting Android users from 0-Day attacks](https://blog.google/threat-analysis-group/protecting-android-users-from-0-day-attacks/)
 40 | * [Reversing an Android sample which uses Flutter](https://cryptax.medium.com/reversing-an-android-sample-which-uses-flutter-23c3ff04b847)
 41 | * [Step-by-step guide to reverse an APK protected with DexGuard using Jadx](https://blog.lexfo.fr/dexguard.html)
 42 | * [Use cryptography in mobile apps the right way](https://blog.oversecured.com/Use-cryptography-in-mobile-apps-the-right-way/)
 43 | * [Android security checklist: WebView](https://blog.oversecured.com/Android-security-checklist-webview/)
 44 | * [Common mistakes when using permissions in Android](https://blog.oversecured.com/Common-mistakes-when-using-permissions-in-Android/)
 45 | * [Two weeks of securing Samsung devices: Part 2](https://blog.oversecured.com/Two-weeks-of-securing-Samsung-devices-Part-2/)
 46 | * [Why dynamic code loading could be dangerous for your apps: a Google example](https://blog.oversecured.com/Why-dynamic-code-loading-could-be-dangerous-for-your-apps-a-Google-example/)
 47 | * [Two weeks of securing Samsung devices: Part 1](https://blog.oversecured.com/Two-weeks-of-securing-Samsung-devices-Part-1/)
 48 | * [How to exploit insecure WebResourceResponse configurations + an example of the vulnerability in Amazon apps](https://blog.oversecured.com/Android-Exploring-vulnerabilities-in-WebResourceResponse)
 49 | * [Exploiting memory corruption vulnerabilities on Android + an example of such vulnerability in PayPal apps](https://blog.oversecured.com/Exploiting-memory-corruption-vulnerabilities-on-Android/)
 50 | * [Capture all android network traffic](https://www.exandroid.dev/2021/03/21/capture-all-android-network-traffic/)
 51 | * [Reverse Engineering Clubhouse](https://www.klmlabs.co/blog/club-house-observations-th5x8)
 52 | * [Escape the Chromium sandbox on Android Devices](https://microsoftedge.github.io/edgevr/posts/yet-another-uaf/)
 53 | * [Android Penetration Testing: Frida](https://www.hackingarticles.in/android-penetration-testing-frida/)
 54 | * [Android: Gaining access to arbitrary* Content Providers](https://blog.oversecured.com/Gaining-access-to-arbitrary-Content-Providers/)
 55 | * [Getting root on a 4G LTE mobile hotspot](https://alex.studer.dev/2021/01/04/mw41-1)
 56 | * [Exploiting new-era of Request forgery on mobile applications](http://dphoeniixx.com/2020/12/13-2/)
 57 | * [Deep Dive into an Obfuscation-as-a-Service for Android Malware](https://wwwstratosphereips.org/blog/2020/12/03/deep-dive-into-an-obfuscation-as-a-service-for-android-malware)
 58 | * [Evernote: Universal-XSS, theft of all cookies from all sites, and more](https://blog.oversecured.com/Evernote-Universal-XSS-theft-of-all-cookies-from-all-sites-and-more/)
 59 | * [Interception of Android implicit intents](https://blog.oversecured.com/Interception-of-Android-implicit-intents/)
 60 | * [AAPG - Android application penetration testing guide](https://nightowl131.github.io/AAPG/)
 61 | * [TikTok: three persistent arbitrary code executions and one theft of arbitrary files](https://blog.oversecured.com/Oversecured-detects-dangerous-vulnerabilities-in-the-TikTok-Android-app/)
 62 | * [Persistent arbitrary code execution in Android's Google Play Core Library: details, explanation and the PoC - CVE-2020-8913](https://blog.oversecured.com/Oversecured-automatically-discovers-persistent-code-execution-in-the-Google-Play-Core-Library/)
 63 | * [Android: Access to app protected components](https://blog.oversecured.com/Android-Access-to-app-protected-components/)
 64 | * [Android: arbitrary code execution via third-party package contexts](https://blog.oversecured.com/Android-arbitrary-code-execution-via-third-party-package-contexts/)
 65 | * [Android Pentesting Labs - Step by Step guide for beginners](https://medium.com/bugbountywriteup/android-pentesting-lab-4a6fe1a1d2e0)
 66 | * [An Android Hacking Primer](https://medium.com/swlh/an-android-hacking-primer-3390fef4e6a0)
 67 | * [An Android Security tips](https://developer.android.com/training/articles/security-tips)
 68 | * [OWASP Mobile Security Testing Guide](https://www.owasp.org/index.php/OWASP_Mobile_Security_Testing_Guide)
 69 | * [Security Testing for Android Cross Platform Application](https://3xpl01tc0d3r.blogspot.com/2019/09/security-testing-for-android-app-part1.html)
 70 | * [Dive deep into Android Application Security](https://blog.0daylabs.com/2019/09/18/deep-dive-into-Android-security/)
 71 | * [Pentesting Android Apps Using Frida](https://www.notsosecure.com/pentesting-android-apps-using-frida/)
 72 | * [Mobile Security Testing Guide](https://mobile-security.gitbook.io/mobile-security-testing-guide/)
 73 | * [Android Applications Reversing 101](https://www.evilsocket.net/2017/04/27/Android-Applications-Reversing-101/#.WQND0G3TTOM.reddit)
 74 | * [Android Security Guidelines](https://developer.box.com/en/guides/security/)
 75 | * [Android WebView Vulnerabilities](https://pentestlab.blog/2017/02/12/android-webview-vulnerabilities/)
 76 | * [OWASP Mobile Top 10](https://www.owasp.org/index.php/OWASP_Mobile_Top_10)
 77 | * [Practical Android Phone Forensics](https://resources.infosecinstitute.com/practical-android-phone-forensics/)
 78 | * [Mobile Pentesting With Frida](https://drive.google.com/file/d/1JccmMLi6YTnyRrp_rk6vzKrUX3oXK_Yw/view)
 79 | * [Zero to Hero - Mobile Application Testing - Android Platform](https://nileshsapariya.blogspot.com/2016/11/zero-to-hero-mobile-application-testing.html)
 80 | * [Detecting Dynamic Loading in Android Applications](https://sayfer.io/blog/dynamic-loading-in-android-applications-with-proc-maps/)
 81 | * [Static Analysis for Android and iOS](https://pentestwiki.org/static-analysis-for-android-and-ios)
 82 | * [Dynamic Analysis for Android and iOS](https://pentestwiki.org/dynamic-analysis-for-android-and-ios)
 83 | * [Exploring intent-based Android security vulnerabilities on Google Play (part 1/3)](https://snyk.io/blog/exploring-android-intent-based-security-vulnerabilities-google-play/)
 84 | * [Hunting intent-based Android security vulnerabilities with Snyk Code (part 2/3)](https://snyk.io/blog/hunting-intent-based-android-security-vulnerabilities-with-snyk-code/)
 85 | * [Mitigating and remediating intent-based Android security vulnerabilities (part 3/3)](https://snyk.io/blog/mitigating-remediating-intent-based-android-security-vulnerabilities/)
 86 | * [Strengthening Android Security: Mitigating Banking Trojan Threats](https://debugactiveprocess.medium.com/strengthening-android-security-mitigating-banking-trojan-threats-fe94ae9e2f02)
 87 | 
 88 | # How To's
 89 | 
 90 | * [How to analyze mobile malware: a Cabassous/FluBot Case study](https://blog.nviso.eu/2021/04/19/how-to-analyze-mobile-malware-a-cabassous-flubot-case-study/)
 91 | * [How to Bypasses Iframe Sandboxing](https://blog.confiant.com/malvertiser-scamclub-bypasses-iframe-sandboxing-with-postmessage-shenanigans-cve-2021-1801-1c998378bfba)
 92 | * [How To Configuring Burp Suite With Android Nougat](https://blog.ropnop.com/configuring-burp-suite-with-android-nougat/)
 93 | * [How To Bypassing Xamarin Certificate Pinning](https://www.gosecure.net/blog/2020/04/06/bypassing-xamarin-certificate-pinning-on-android/)
 94 | * [How To Bypassing Android Anti-Emulation](https://www.juanurs.com/Bypassing-Android-Anti-Emulation-Part-I/)
 95 | * [How To Secure an Android Device](https://source.android.com/security)
 96 | * [Android Root Detection Bypass Using Objection and Frida Scripts](https://medium.com/@GowthamR1/android-root-detection-bypass-using-objection-and-frida-scripts-d681d30659a7)
 97 | * [Root Detection Bypass By Manual Code Manipulation.](https://medium.com/@sarang6489/root-detection-bypass-by-manual-code-manipulation-5478858f4ad1)
 98 | * [Magisk Systemless Root - Detection and Remediation](https://www.mobileiron.com/en/blog/magisk-android-rooting)
 99 | * [How to use FRIDA to bruteforce Secure Startup with FDE-encryption on a Samsung G935F running Android 8](https://github.com/Magpol/fridafde)
100 | 
101 | # Papers
102 | 
103 | 
104 | * [A systematic analysis of commercial Android packers](https://dl.acm.org/doi/abs/10.1145/3540250.3558969)
105 | * [A Large-Scale Study on the Adoption of Anti-Debugging and Anti-Tampering Protections in Android Apps](https://stefanoberlato.it/publications/pdf/JISA20.pdf)
106 | * [Things You May Not Know About Android (Un)Packers](https://homes.luddy.indiana.edu/xw7/papers/duan2018ndss.pdf)
107 | * [Happer: Unpacking Android Apps via a Hardware-Assisted Approach](https://ieeexplore.ieee.org/document/9519458)
108 | * [AndrODet: An adaptive Android obfuscation detector](https://arxiv.org/pdf/1910.06192.pdf)
109 | * [GEOST BOTNET - the discovery story of a new Android banking trojan](http://public.avast.com/research/VB2019-Garcia-etal.pdf)
110 | * [Dual-Level Android Malware Detection](https://www.mdpi.com/2073-8994/12/7/1128)
111 | * [An Investigation of the Android Kernel Patch Ecosystem](https://www.usenix.org/conference/usenixsecurity21/presentation/zhang)
112 |    
113 | # Books
114 | 
115 |  * [SEI CERT Android Secure Coding Standard](https://www.securecoding.cert.org/confluence/display/android/Android+Secure+Coding+Standard)
116 |  * [Android Security Internals](https://www.oreilly.com/library/view/android-security-internals/9781457185496/)
117 |  * [Android Cookbook](https://androidcookbook.com/)
118 |  * [Android Hacker's Handbook](https://www.amazon.com/Android-Hackers-Handbook-Joshua-Drake/dp/111860864X)
119 |  * [Android Security Cookbook](https://www.packtpub.com/in/application-development/android-security-cookbook)
120 |  * [The Mobile Application Hacker's Handbook](https://www.amazon.in/Mobile-Application-Hackers-Handbook-ebook/dp/B00TSA6KLG)
121 |  * [Android Malware and Analysis](https://www.oreilly.com/library/view/android-malware-and/9781482252200/)
122 |  * [Android Security: Attacks and Defenses](https://www.crcpress.com/Android-Security-Attacks-and-Defenses/Misra-Dubey/p/book/9780367380182)
123 |  * [Learning Penetration Testing For Android Devices](https://www.amazon.com/Learning-Penetration-Testing-Android-Devices-ebook/dp/B077L7SNG8)
124 | * [Android Hacking 2020 Edition](https://www.amazon.com/Hacking-Android-TERRY-D-CLARK-ebook/dp/B08MD2D1SJ)
125 | 
126 |  
127 | # Trainings
128 | 
129 | * [SEC575: Mobile Device Security and Ethical Hacking](https://www.sans.org/cyber-security-courses/mobile-device-security-ethical-hacking/)
130 | * [Android Reverse Engineering_pt-BR](https://www.youtube.com/watch?v=eHdDS2e_qf0&list=PL4zZ9lJ-RCbfv6f6Jc8cJ4ljKqENkTfi7) 
131 | * [Learning-Android-Security](https://www.lynda.com/Android-tutorials/Learning-Android-Security/689762-2.html)
132 | * [Advanced Android Development](https://developer.android.com/courses/advanced-training/overview)
133 | * [Learn the art of mobile app development](https://www.edx.org/professional-certificate/harvardx-computer-science-and-mobile-apps)
134 | * [Learning Android Malware Analysis](https://www.linkedin.com/learning/learning-android-malware-analysis)
135 | * [Android App Reverse Engineering 101](https://maddiestone.github.io/AndroidAppRE/)
136 | * [MASPT V2](https://www.elearnsecurity.com/course/mobile_application_security_and_penetration_testing/)
137 | * [Android Pentration Testing(Persian)](https://www.youtube.com/watch?v=XqS_bA6XfNU&list=PLvVo-xqnJCI7rftDaiEtWFLXlkxN-1Nxn)
138 |   
139 | # Tools
140 |      
141 | #### Static Analysis
142 | 
143 | * [BlackDex is an Android unpack(dexdump) tool](https://github.com/CodingGay/BlackDex)
144 | * [Deoptfuscator - Deobfuscator for Android Application](https://github.com/Gyoonus/deoptfuscator)
145 | * [Android Reverse Engineering WorkBench for VS Code](https://github.com/Surendrajat/APKLab)
146 | * [Apktool:A tool for reverse engineering Android apk files](https://ibotpeaches.github.io/Apktool/)
147 | * [Defeat Java packers via Frida instrumentation](https://github.com/enovella/fridroid-unpacker)
148 | * [quark-engine - An Obfuscation-Neglect Android Malware Scoring System](https://github.com/quark-engine/quark-engine)
149 | * [DeGuard:Statistical Deobfuscation for Android](http://apk-deguard.com/)
150 | * [jadx - Dex to Java decompiler](https://github.com/skylot/jadx/releases)
151 | * [Amandroid – A Static Analysis Framework](http://pag.arguslab.org/argus-saf)
152 | * [Androwarn – Yet Another Static Code Analyzer](https://github.com/maaaaz/androwarn/)
153 | * [Droid Hunter – Android application vulnerability analysis and Android pentest tool](https://github.com/hahwul/droid-hunter)
154 | * [Error Prone – Static Analysis Tool](https://github.com/google/error-prone)
155 | * [Findbugs – Find Bugs in Java Programs](http://findbugs.sourceforge.net/downloads.html)
156 | * [Find Security Bugs – A SpotBugs plugin for security audits of Java web applications.](https://github.com/find-sec-bugs/find-sec-bugs/)
157 | * [Flow Droid – Static Data Flow Tracker](https://github.com/secure-software-engineering/FlowDroid)
158 | * [Smali/Baksmali – Assembler/Disassembler for the dex format](https://github.com/JesusFreke/smali)
159 | * [Smali-CFGs – Smali Control Flow Graph’s](https://github.com/EugenioDelfa/Smali-CFGs)
160 | * [SPARTA – Static Program Analysis for Reliable Trusted Apps](https://www.cs.washington.edu/sparta)
161 | * [Gradle Static Analysis Plugin](https://github.com/novoda/gradle-static-analysis-plugin)
162 | * [Checkstyle – A tool for checking Java source code](https://github.com/checkstyle/checkstyle)
163 | * [PMD – An extensible multilanguage static code analyzer](https://github.com/pmd/pmd)
164 | * [Soot – A Java Optimization Framework](https://github.com/Sable/soot)
165 | * [Android Quality Starter](https://github.com/pwittchen/android-quality-starter)
166 | * [QARK – Quick Android Review Kit](https://github.com/linkedin/qark)
167 | * [Infer – A Static Analysis tool for Java, C, C++ and Objective-C](https://github.com/facebook/infer)
168 | * [Android Check – Static Code analysis plugin for Android Project](https://github.com/noveogroup/android-check)
169 | * [FindBugs-IDEA Static byte code analysis to look for bugs in Java code](https://plugins.jetbrains.com/plugin/3847-findbugs-idea)
170 | * [APK Leaks – Scanning APK file for URIs, endpoints & secrets](https://github.com/dwisiswant0/apkleaks)
171 | * [Trueseeing – fast, accurate and resillient vulnerabilities scanner for Android apps](https://github.com/monolithworks/trueseeing)
172 | * [StaCoAn – crossplatform tool which aids developers, bugbounty hunters and ethical hackers](https://github.com/vincentcox/StaCoAn)
173 | * [APKScanner](https://github.com/n3k00n3/APKScanner)
174 | * [Mobile Audit – Web application for performing Static Analysis and detecting malware in Android APKs](https://github.com/mpast/mobileAudit)
175 | * [mariana-trench - Our security focused static analysis tool for Android and Java applications.](https://github.com/facebook/mariana-trench)
176 | * [semgrep-rules-android-security](https://github.com/mindedsecurity/semgrep-rules-android-security)
177 |       
178 | #### Dynamic Analysis
179 | 
180 | * [Mobile-Security-Framework MobSF](https://github.com/MobSF/Mobile-Security-Framework-MobSF)
181 | * [Magisk v23.0 - Root & Universal Systemless Interface](https://github.com/topjohnwu/Magisk)
182 | * [Runtime Mobile Security (RMS) - is a powerful web interface that helps you to manipulate Android and iOS Apps at Runtime](https://github.com/m0bilesecurity/RMS-Runtime-Mobile-Security)
183 | * [House: A runtime mobile application analysis toolkit with a Web GUI](https://github.com/nccgroup/house)
184 | * [Objection - Runtime Mobile Exploration toolkit, powered by Frida](https://github.com/sensepost/objection)
185 | * [Droid-FF - Android File Fuzzing Framework](https://github.com/antojoseph/droid-ff)
186 | * [Drozer](https://github.com/FSecureLABS/drozer)
187 | * [Slicer-automate APK Recon](https://github.com/mzfr/slicer)
188 | * [Inspeckage](https://github.com/ac-pm/Inspeckage)
189 | * [PATDroid - Collection of tools and data structures for analyzing Android applications](https://github.com/mingyuan-xia/PATDroid)
190 | * [Radare2 - Unix-like reverse engineering framework and commandline tools](https://github.com/radareorg/radare2)
191 | * [Cutter - Free and Open Source RE Platform powered by radare2](https://cutter.re/)
192 | * [ByteCodeViewer - Android APK Reverse Engineering Suite (Decompiler, Editor, Debugger)](https://bytecodeviewer.com/)
193 | 
194 | 
195 |         
196 | #### Online APK Analyzers
197 | 
198 | * [Guardsquare AppSweep](https://www.guardsquare.com/appsweep-mobile-application-security-testing)
199 | * [Oversecured](https://oversecured.com/)
200 | * [Android Observatory APK Scan](https:/androidobservatory.org/upload)
201 | * [AndroTotal](http://andrototal.org/)
202 | * [VirusTotal](https://www.virustotal.com/#/home/upload)
203 | * [Scan Your APK](https://scanyourapk.com/)
204 | * [AVC Undroid](https://undroid.av-comparatives.org/index.php)
205 | * [OPSWAT](https://metadefender.opswat.com/#!/)
206 | * [ImmuniWeb Mobile App Scanner](https://www.htbridge.com/mobile/)
207 | * [Ostor Lab](https://www.ostorlab.co/scan/mobile/)
208 | * [Quixxi](https://quixxisecurity.com/)
209 | * [TraceDroid](http://tracedroid.few.vu.nl/submit.php)
210 | * [Visual Threat](http://www.visualthreat.com/UIupload.action)
211 | * [App Critique](https://appcritique.boozallen.com/)
212 | * [Jotti's malware scan](https://virusscan.jotti.org/)
213 | * [kaspersky scanner](https://opentip.kaspersky.com/)
214 | * [Hudson Rock](https://www.hudsonrock.com/threat-intelligence-cybercrime-tools)
215 | 
216 | #### Online APK Decompiler
217 | * [Android APK Decompiler](http://www.decompileandroid.com/)
218 | * [Java  Decompiler APk](http://www.javadecompilers.com/apk)
219 | * [APK DECOMPILER APP](https://www.apkdecompilers.com/)
220 | * [DeAPK is an open-source, online APK decompiler ](https://deapk.vaibhavpandey.com/)
221 | * [apk and dex decompilation back to Java source code](http://www.decompiler.com/)
222 | * [APK Decompiler Tools](https://apk.tools/tools/apk-decompiler/alternateURL/)
223 | 
224 | #### Forensic Analysis
225 | * [Forensic Analysis for Mobile Apps (FAMA)](https://github.com/labcif/FAMA)
226 | * [Andriller](https://github.com/den4uk/andriller)
227 | * [Autopsy](https://www.autopsy.com/)
228 | * [bandicoot](https://github.com/computationalprivacy/bandicoot)
229 | * [Fridump-A universal memory dumper using Frida](https://github.com/Nightbringer21/fridump)
230 | * [LiME - Linux Memory Extractor](https://github.com/504ensicsLabs/LiME)
231 | 
232 | # Labs
233 | 
234 | * [Damn-Vulnerable-Bank](https://github.com/rewanth1997/Damn-Vulnerable-Bank)  
235 | * [OVAA (Oversecured Vulnerable Android App)](https://github.com/oversecured/ovaa)
236 | * [DIVA (Damn insecure and vulnerable App)](https://github.com/payatu/diva-android)
237 | * [OWASP Security Shepherd ](https://github.com/OWASP/SecurityShepherd)
238 | * [Damn Vulnerable Hybrid Mobile App (DVHMA)](https://github.com/logicalhacking/DVHMA)
239 | * [OWASP-mstg(UnCrackable Mobile Apps)](https://github.com/OWASP/owasp-mstg/tree/master/Crackmes)
240 | * [VulnerableAndroidAppOracle](https://github.com/dan7800/VulnerableAndroidAppOracle)
241 | * [Android InsecureBankv2](https://github.com/dineshshetty/Android-InsecureBankv2)
242 | * [Purposefully Insecure and Vulnerable Android Application (PIIVA)](https://github.com/htbridge/pivaa)
243 | * [Sieve app(An android application which exploits through android components)](https://github.com/mwrlabs/drozer/releases/download/2.3.4/sieve.apk)
244 | * [DodoVulnerableBank(Insecure Vulnerable Android Application that helps to learn hacing and securing apps)](https://github.com/CSPF-Founder/DodoVulnerableBank)
245 | * [Digitalbank(Android Digital Bank Vulnerable Mobile App)](https://github.com/CyberScions/Digitalbank)
246 | * [AppKnox Vulnerable Application](https://github.com/appknox/vulnerable-application)
247 | * [Vulnerable Android Application](https://github.com/Lance0312/VulnApp)
248 | * [Android Security Labs](https://github.com/SecurityCompass/AndroidLabs)
249 | * [Android-security Sandbox](https://github.com/rafaeltoledo/android-security)
250 | * [VulnDroid(CTF Style Vulnerable Android App)](https://github.com/shahenshah99/VulnDroid)
251 | * [FridaLab](https://rossmarks.uk/blog/fridalab/)
252 | * [Santoku Linux - Mobile Security VM](https://santoku-linux.com/)
253 | * [AndroL4b - A Virtual Machine For Assessing Android applications, Reverse Engineering and Malware Analysis](https://github.com/sh4hin/Androl4b)
254 | 
255 |   
256 | # Talks
257 |   
258 | * [One Step Ahead of Cheaters -- Instrumenting Android Emulators](https://www.youtube.com/watch?v=L3AniAxp_G4)
259 | * [Vulnerable Out of the Box: An Evaluation of Android Carrier Devices](https://www.youtube.com/watch?v=R2brQvQeTvM)
260 | * [Rock appround the clock: Tracking malware developers by Android](https://www.youtube.com/watch?v=wd5OU9NvxjU)
261 | * [Chaosdata - Ghost in the Droid: Possessing Android Applications with ParaSpectre](https://www.youtube.com/watch?v=ohjTWylMGEA)
262 | * [Remotely Compromising Android and iOS via a Bug in Broadcom's Wi-Fi Chipsets](https://www.youtube.com/watch?v=TDk2RId8LFo)
263 | * [Honey, I Shrunk the Attack Surface – Adventures in Android Security Hardening](https://www.youtube.com/watch?v=EkL1sDMXRVk)
264 | * [Hide Android Applications in Images](https://www.youtube.com/watch?v=hajOlvLhYJY)
265 | * [Scary Code in the Heart of Android](https://www.youtube.com/watch?v=71YP65UANP0)
266 | * [Fuzzing Android: A Recipe For Uncovering Vulnerabilities Inside System Components In Android](https://www.youtube.com/watch?v=q_HibdrbIxo)
267 | * [Unpacking the Packed Unpacker: Reverse Engineering an Android Anti-Analysis Native Library](https://www.youtube.com/watch?v=s0Tqi7fuOSU)
268 | * [Android FakeID Vulnerability Walkthrough](https://www.youtube.com/watch?v=5eJYCucZ-Tc)
269 | * [Unleashing D* on Android Kernel Drivers](https://www.youtube.com/watch?v=1XavjjmfZAY)
270 | * [The Smarts Behind Hacking Dumb Devices](https://www.youtube.com/watch?v=yU1BrY1ZB2o)
271 | * [Overview of common Android app vulnerabilities](https://www.bugcrowd.com/resources/webinars/overview-of-common-android-app-vulnerabilities/)
272 | * [Advanced Android Bug Bounty skills](https://www.youtube.com/watch?v=OLgmPxTHLuY)
273 | * [Android security architecture](https://www.youtube.com/watch?v=3asW-nBU-JU)
274 | * [Get the Ultimate Privilege of Android Phone](https://vimeo.com/335948808)
275 | * [Securing the System: A Deep Dive into Reversing Android Pre-Installed Apps](https://www.youtube.com/watch?v=U6qTcpCfuFc)
276 | * [Bad Binder: Finding an Android In The Wild 0day](https://www.youtube.com/watch?v=TAwQ4ezgEIo)
277 | * [Deep dive into ART(Android Runtime) for dynamic binary analysis](https://www.youtube.com/watch?v=mFq0vNvUgj8)
278 |   
279 | # Misc
280 | 
281 | * [PhoneSploit with Metasploit Integration](https://github.com/AzeemIdrisi/PhoneSploit-Pro)
282 | * [Android Malware Adventures](https://docs.google.com/presentation/d/1pYB522E71hXrp4m3fL3E3fnAaOIboJKqpbyE5gSsOes/edit)    
283 | * [Android-Reports-and-Resources](https://github.com/B3nac/Android-Reports-and-Resources/blob/master/README.md)
284 | * [Hands On Mobile API Security](https://hackernoon.com/hands-on-mobile-api-security-get-rid-of-client-secrets-a79f111b6844)
285 | * [Android Penetration Testing Courses](https://medium.com/mobile-penetration-testing/android-penetration-testing-courses-4effa36ac5ed)
286 | * [Lesser-known Tools for Android Application PenTesting](https://captmeelo.com/pentest/2019/12/30/lesser-known-tools-for-android-pentest.html)
287 | * [android-device-check - a set of scripts to check Android device security configuration](https://github.com/nelenkov/android-device-check)
288 | * [apk-mitm - a CLI application that prepares Android APK files for HTTPS inspection](https://github.com/shroudedcode/apk-mitm)
289 | * [Andriller - is software utility with a collection of forensic tools for smartphones](https://github.com/den4uk/andriller)
290 | * [Dexofuzzy: Android malware similarity clustering method using opcode sequence-Paper](https://www.virusbulletin.com/virusbulletin/2019/11/dexofuzzy-android-malware-similarity-clustering-method-using-opcode-sequence/)
291 | * [Chasing the Joker](https://docs.google.com/presentation/d/1sFGAERaNRuEORaH06MmZKeFRqpJo1ol1xFieUa1X_OA/edit#slide=id.p1)
292 | * [Side Channel Attacks in 4G and 5G Cellular Networks-Slides](https://i.blackhat.com/eu-19/Thursday/eu-19-Hussain-Side-Channel-Attacks-In-4G-And-5G-Cellular-Networks.pdf)
293 | * [Shodan.io-mobile-app for Android](https://github.com/PaulSec/Shodan.io-mobile-app)
294 | * [Popular Android Malware 2019](https://github.com/sk3ptre/AndroidMalware_2019)
295 | * [Popular Android Malware 2020](https://github.com/sk3ptre/AndroidMalware_2020)    
296 | * [Popular Android Malware 2021](https://github.com/sk3ptre/AndroidMalware_2021)   
297 | * [Popular Android Malware 2022](https://github.com/sk3ptre/AndroidMalware_2022)       
298 |    
299 | # Bug Bounty & Writeups
300 | * [Hacker101 CTF: Android Challenge Writeups](https://medium.com/bugbountywriteup/hacker101-ctf-android-challenge-writeups-f830a382c3ce)
301 | * [Arbitrary code execution on Facebook for Android through download feature](https://medium.com/@dPhoeniixx/arbitrary-code-execution-on-facebook-for-android-through-download-feature-fb6826e33e0f)
302 | 
303 | * [RCE via Samsung Galaxy Store App](https://labs.f-secure.com/blog/samsung-s20-rce-via-samsung-galaxy-store-app/)
304 | 
305 | # Cheat Sheet 
306 | * [Mobile Application Penetration Testing Cheat Sheet](https://github.com/sh4hin/MobileApp-Pentest-Cheatsheet)
307 | * [ADB (Android Debug Bridge) Cheat Sheet](https://www.mobileqaengineer.com/blog/2020/2/4/adb-android-debug-bridge-cheat-sheet)
308 | * [Frida Cheatsheet and Code Snippets for Android](https://erev0s.com/blog/frida-code-snippets-for-android/)
309 | 
310 | # Checklists
311 | * [Android Pentesting Checklist](https://mobexler.com/checklist.htm#android)
312 | * [OWASP Mobile Security Testing Guide (MSTG)](https://github.com/OWASP/owasp-mstg/tree/master/Checklists)
313 | * [OWASP Mobile Application Security Verification Standard (MASVS)](https://github.com/OWASP/owasp-masvs)
314 | 
315 | # Bug Bounty Reports 
316 | * [List of Android Hackerone disclosed reports](https://github.com/B3nac/Android-Reports-and-Resources)
317 | * [How to report security issues](https://source.android.com/security/overview/updates-resources#report-issues)
318 | 


--------------------------------------------------------------------------------