手機安全測試與開發實務課程大綱

手機安全測試與開發實務課程大綱

Learning Objective

• Be able to do security testing on Android Mobile app with hands-on tools, and exercises.
• Understanding of top 10 Android risks, available security testing tools and prevention concepts.

How the course will be running

• There are 5+ APK waiting for us to do security testing including data leakage, poor encryption, SQL injection, client side injection, man in the middle, and content provider security.
• Hands on Android APK file analysis, security testing, and reverse engineering for security vulnerability.
• Discuss on the Android App security or attacks scenario and prevention guide.
• We will mainly use Appie (Android Pentesting Portable Integrated Environment) to do the testing.

Target Audience

• Android Mobile app QA/RD who would like to gain security/hacking testing for APK

課程大綱

• OWASP Top 10 手機攻擊與威脅
• 實務常見的App弱點攻擊情境討論與防護(實務個案討論 )
• Android App 常見的設計安全缺失(實務個案討論 )
• Android App手機的安全測試與工具 (實務APK測試個案練習)