Android App Security Auditing

Presented at BSidesLV 2015, Aug. 5, 2015, 2 p.m. (235 minutes)

Students will set up an environment that makes it easy to test Android apps for common security flaws such as lack of binary protections, insecure data transmission, insecure file storage, and data exposure in logs and memory dumps. We will find and exploit real flaws in real financial apps including the Bank of America, Wells Fargo, TurboTax, and many more.

Presenters:

• Sam Bowne - City College San Francisco - City College San Francisco
  Sam Bowne has been teaching computer networking and security classes at CCSF since 2000. He has given talks at DEFCON, HOPE, BayThreat, LayerOne, and Toorcon, and taught classes and many other schools and teaching conferences. He has a B.S. in Physics from Edinboro University of Pennsylvania and a Ph.D. in Physics from University of Illinois, Urbana-Champaign. Industry certs: CISSP, CEH, CCENT, WCNA, and more.

Links:

• https://bsideslv2015.sched.com/event/3ui5/android-app-security-auditing

Similar Presentations:

• A New HOPE (2022) / Tracking Android Malware and Auditing App Privacy for Fun and Non-Profit
• Diana Initiative 2020 Virtual / Hacking into Android Ecosystem
• AppSec USA 2013 / A Framework for Android Security through Automation in Virtual Environments