Jump to content
Rem

Android Pentesting

Recommended Posts

Salut,

 

Exista mai multe lucruri care se pot verifica la o aplicatie (banuiesc ca nu te referi la a gasi vulnerabilitati in sistemul de operare).

Cel mai important ar fi sa vezi cum interactioneaza aplicatia cu un server web (cel mai comun caz) si sa gasesti vulnerabilitati pe server. Si daca verifica certificatul SSL.

Alte lucruri ar fi daca stocheaza date sensibile accesibile pentru alte aplicatii, daca are hardcodate parole/chei etc. 

 

Aici gasesti cateva lucruri utile: https://www.owasp.org/index.php/OWASP_Mobile_Security_Testing_Guide

Si aici tool-uri si altele: https://github.com/tanprathan/MobileApp-Pentest-Cheatsheet

 

Exista multe resurse disponibile, insa in final depinde de ce face aplicatia.

 

  • Like 1
  • Upvote 1
Link to comment
Share on other sites

Va multumesc din suflet pentru raspunsuri. Am sa le incerc pe fiecare in parte si am sa revin cu un reply la topic ce mi s.a parut mie mai simplu de aplicat. 

 

P.S. Sunt binevenite si alte recomandari va multumesc. :D

Edited by Rem
change of an word
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.



×
×
  • Create New...