Introduction to Android Hacking
Vložit
- čas přidán 16. 07. 2024
- 📱🐛 Learn the basics of Mobile Hacking (Android). In this introductory video, we are going to discuss android hacking in relation to bug bounty. We'll look at the OWASP top 10 mobile vulnerabilities, the approaches to mobile hacking (static/dynamic), the relevant programming languages to be familiar with, the structure of APK files, the key tools/techniques (with practical demos), the most essential learning resources and practical labs etc 🧠 #BugBounty #EthicalHacking #Mobile #Android #Tutorial #Introduction
Check the full video playlist HERE: • Mobile Hacking
Overview:
0:00 Intro
1:02 OWASP top 10 (mobile)
2:53 Approaches to android hacking
4:42 Useful programming languages
6:25 APK structure
7:34 Tools: apktool
12:02 Tools: dex2jar
13:30 Tools: jadx-gui
15:36 Tools: aapt
16:21 Tools: android studio
20:05 Tools: drozer
21:55 Tools: mobile security framework (MobSF)
27:45 Tools: frida
29:04 Resources
31:40 Practical labs
32:46 Conclusion
Looking to try android hacking and score some bug bounties? check out the active programs on Intigriti 💜
🧑💻 Sign up and start hacking right now - go.intigriti.com/register
👾 Join our Discord - go.intigriti.com/discord
🎙️ This show is hosted by / _cryptocat ( @_CryptoCat ) & / intigriti
👕 Do you want some Intigriti Swag? Check out swag.intigriti.com
📚 Video-specific Resources 🤓
owasp.org/www-project-mobile-...
owasp.org/www-project-mobile-...
www.hackerone.com/ethical-hac...
github.com/tanprathan/MobileA...
github.com/B3nac/Android-Repo...
github.com/xtiankisutsa/aweso...
book.hacktricks.xyz/mobile-pe...
Steve Aoki teaching android hacking, next level
👌🤣
haha, is this really the same person?
@@wolfrevokcats7890 no lol
@@abhizala lol. This is CryptoCat. Don't know his real name, but he has very cool yt channel too www.youtube.com/@_CryptoCat
Oh yes! This is going to be one hell of a series! 🔥 Can't wait to see the rest of it!
🙏🥰
Android is always something I wanted to hack. I'm just finishing up the apisec api hacking course and hope to get into android hacking later this year. Thank you so much for all you do! (p.s I'll be choosing intigriti for bug bounties in the next few months).
Awww thanks very much! Hope these videos will be useful and *for sure* check out some of the programs on intigriti 🥰
@@intigriti They are very useful , and also it seems that intigriti really cares about its user base. It's the fast responses and replies to emails which were my reasons for choosing your platform. (also xxs rat gave you a shout out and his reasons seemed reasonable). Peace, and have a great day!
❤ great video to start
Thank you! 💜
Thank you for sharing this content!!
Thank you for commenting on this content! 🥰
Asslamalikom, May Allah guide you Ameen. You are doing great work keep working. We are with you ❤
Thank you! 💜
@@intigriti most welcome sir ❤️🙏
Dude i started learning how to hack android yesterday, to get the eMAPT cert hahah, thanks!
Perfect timing! 🔥 Let us know if there's any aspects of the course you find particularly important and/or if you think there's a lack of high quality resources online for some modules 🙂
yeah, looking forward to get this cert too. Let's get it!
Good
💜
You have forgotten about the adb tool
Is this course for beginners ? and if not what i need to learn to follow along ? thank you in advance
This is a course to get you started - help you find the resources and tools you need for android hacking, and learn about the techniques used. If there's anything you don't understand in the video, take the time to research it further 😉
Hi,
There are some app which are not working on emulators, show a rooted device detected and got crash without any error. Is there a way to run those apps?
You could check the "how to root AVD" and "bypass root detection" videos in this series, see if they help 🙂
Hello , could you share the slides please if you don't minde?
Hello! Are you looking for the resources mentioned in the slides? They are in the video description 🙂
17:46 what is the actual alias value for android_studio @ 17:46 ?
Hey, the alias is just a call to the .sh script:
alias android_studio='/home/crystal/apps/android-studio/bin/studio.sh'
I have a full list of my aliases here, in case you might find any others useful: github.com/Crypto-Cat/CTF/blob/main/my_bash_aliases.md
I really love intigriti, its simply beautiful platform 🎉🎉
Thank you! 💜
we can hack android games using editing memory ?
Good question! I haven't done any android game hacking, maybe some of these tools would be worth checking out: drfone.wondershare.com/android-tips/android-game-hackers.html
When you have to use the word "archive" but you've never heard anyone say it aloud before. (-:
Timestamp me! 😆
@@intigriti Every time I think... I'll mark the first one... 6:33 - You obviously know what you're talking about so at first I thought you were pronouncing it ironically...
lmao tbh i'm pretty sure I alternate between pronunciations from video to video.. maybe even in the same video sometimes :') I actually thought the UK/US pronunciation of "archive" were different but ig not.. now I know 😄
edit: yep, just noticed I pronounce it correctly in today's video upload, which I recorded last week 🥴
how to protect android phones from hacking ? Is there any solution ?
There's two different issues; secure phones and secure apps. You can increase your phone's security by keeping it up to date (apps too), not rooting it, using some kind of AV/anti-malware etc. For keeping android apps secure, there are many secure design principles that should be followed in the dev lifecycle.
thank you so much
We got you 👊
This guy sounds familiar. When he used tldr, a tool which I learned from another youtube channel called _CryptoCat, I was wondering if this was the same person.
Then, I looked at the description and realized it was!
Good job Intigriti for inviting CryptoCat to your channel, I really like the way he teaches.
Looking forward for more tips and tricks in Android Hacking
I would love to hear more about dynamic analysis using MobSF, Drozer and Frida
Thank you! 🙏🥰 A good few episodes planned for this series, so we'll definitely cover some dynamic analysis with the tools you mentioned 🙂
@@intigriti awesome, you're the best!
@intigriti need more
Coming 🔜