SlideShare une entreprise Scribd logo

OWASP Bangalore meet - Android Mobile Security

Abhinav Sejpal
Abhinav Sejpal

OWASP Bangalore meet - 28th March 2015 10:00 AM - 2:00 PM Mobile Application Security Testing Overview The Building blocks of Android Apps Live demos w.r.t Android App : Demo 1 - Poor Authorization and Authentication (M5) Demo 2 - Sensitive Information Leakage (M4) Demo 3 – Insecure Data storage (M2) Test factory Arsenal

Technologie
1  sur  26
Télécharger pour lire hors ligne
Oh Yes, I love your private data Android App Security Bangalore Meet up @ Abhinav Sejpal Fidelity Investments
WHO AM I Next Generation problem Solver Researcher & Reader in free time Speaker at Facilitator at Weekend Testing Crowd Tester (AKA. Bug bounty Hunter) Reported Security Vulnerabilities for 50+ unique customers all over the world inlcluding Apple, yahoo, Outlook, adobe & etc. Love to develop nasty code & Hack it :) Works as Security Researcher at AKA. Bug Wrangler Null & OWASP Community Accenture Digital Mobility
~Publication ~
DISCLAIMER This Presentation is intended for educational purposes only and I cannot be held liable for any kind of damages done whatsoever to your machine, or other damages. Please - Don't try this attack on any others system without having context knowledge or permission, this may harm to someone directly or indirectly. Feel free to use this presentation for practice or education purpose. It's no way related to my employer - its my own research and ideas. ^ I hope - You gotcha ^
SOCIAL MEDIA FEED Hashtag for this session #OWASPBlr, #MobileSecurity : Twitter handle for feedback : @ @OWASPBangalore Abhinav_Sejpal
AGENDA
INDIAN HACKERS/INFOSEC GUYS & GROUPS YOU SHOULD BE FOLLOWING IN TWITTER Thank-you http://garage4hackers.com/ community
@ , @ @ and @ CREDITS anantshri exploitprotocol adi1391 5h1vang Big thank and you one & All.OWASPBANGALORE
YES - I'M DONE! Feel free to write me at bug.wrangler at outlook.com
LICENSE AND COPYRIGHTS https://slides.com/abhinavsejpal/owasp-androidsecurity copyrights 2015-2016 Abhinav Sejpal ----- (CC BY-NC-ND 3.0) Attribution-NonCommercial-NoDerivs 3.0 Unported Dedicated to my lovely daddy

Recommandé

Android mobile app security offensive security workshop
Android mobile app security offensive security workshopAndroid mobile app security offensive security workshop
Android mobile app security offensive security workshop
Abhinav Sejpal
 
Bug Bounty Hunter's Manifesto V1.0
Bug Bounty Hunter's Manifesto V1.0Bug Bounty Hunter's Manifesto V1.0
Bug Bounty Hunter's Manifesto V1.0
Dinesh O Bareja
 
LKNOG3 - Bug Bounty
LKNOG3 - Bug BountyLKNOG3 - Bug Bounty
LKNOG3 - Bug Bounty
LKNOG
 
Bug Bounty Secrets
Bug Bounty Secrets Bug Bounty Secrets
Bug Bounty Secrets
n|u - The Open Security Community
 
GoSec 2015 - Protecting the web from within
GoSec 2015 - Protecting the web from withinGoSec 2015 - Protecting the web from within
GoSec 2015 - Protecting the web from within
IMMUNIO
 
RailsConf 2015 - Metasecurity: Beyond Patching Vulnerabilities
RailsConf 2015 - Metasecurity: Beyond Patching VulnerabilitiesRailsConf 2015 - Metasecurity: Beyond Patching Vulnerabilities
RailsConf 2015 - Metasecurity: Beyond Patching Vulnerabilities
IMMUNIO
 
Mejores prácticas en el diseño e implementación de APIs
Mejores prácticas en el diseño e implementación de APIs Mejores prácticas en el diseño e implementación de APIs
Mejores prácticas en el diseño e implementación de APIs
Arturo Garrido
 
Learn why use selenium with 3 million dollar bugs!
Learn why use selenium with 3 million dollar bugs!Learn why use selenium with 3 million dollar bugs!
Learn why use selenium with 3 million dollar bugs!
Edureka!
 

Recommandé

Android mobile app security offensive security workshop
Android mobile app security offensive security workshopAndroid mobile app security offensive security workshop
Android mobile app security offensive security workshop
Abhinav Sejpal
 
Bug Bounty Hunter's Manifesto V1.0
Bug Bounty Hunter's Manifesto V1.0Bug Bounty Hunter's Manifesto V1.0
Bug Bounty Hunter's Manifesto V1.0
Dinesh O Bareja
 
LKNOG3 - Bug Bounty
LKNOG3 - Bug BountyLKNOG3 - Bug Bounty
LKNOG3 - Bug Bounty
LKNOG
 
Bug Bounty Secrets
Bug Bounty Secrets Bug Bounty Secrets
Bug Bounty Secrets
n|u - The Open Security Community
 
GoSec 2015 - Protecting the web from within
GoSec 2015 - Protecting the web from withinGoSec 2015 - Protecting the web from within
GoSec 2015 - Protecting the web from within
IMMUNIO
 
RailsConf 2015 - Metasecurity: Beyond Patching Vulnerabilities
RailsConf 2015 - Metasecurity: Beyond Patching VulnerabilitiesRailsConf 2015 - Metasecurity: Beyond Patching Vulnerabilities
RailsConf 2015 - Metasecurity: Beyond Patching Vulnerabilities
IMMUNIO
 
Mejores prácticas en el diseño e implementación de APIs
Mejores prácticas en el diseño e implementación de APIs Mejores prácticas en el diseño e implementación de APIs
Mejores prácticas en el diseño e implementación de APIs
Arturo Garrido
 
Learn why use selenium with 3 million dollar bugs!
Learn why use selenium with 3 million dollar bugs!Learn why use selenium with 3 million dollar bugs!
Learn why use selenium with 3 million dollar bugs!
Edureka!
 
James jara portafolio
James jara portafolioJames jara portafolio
James jara portafolio
James Jara
 
How To Fix Bugs
How To Fix BugsHow To Fix Bugs
How To Fix Bugs
Software Projects Inc.
 
Bug Bounty Basics
Bug Bounty BasicsBug Bounty Basics
Bug Bounty Basics
HackerOne
 
Getting Started With Hacking Android & iOS Apps? Tools, Techniques and resources
Getting Started With Hacking Android & iOS Apps? Tools, Techniques and resourcesGetting Started With Hacking Android & iOS Apps? Tools, Techniques and resources
Getting Started With Hacking Android & iOS Apps? Tools, Techniques and resources
OWASP Delhi
 
Build your mobile app from a to z presentation
Build your mobile app from a to z presentationBuild your mobile app from a to z presentation
Build your mobile app from a to z presentation
Seyedmostafa Safavi
 
Owasp Top 10-2013
Owasp Top 10-2013Owasp Top 10-2013
Owasp Top 10-2013
n|u - The Open Security Community
 
Mozilla Crash Analysis and Reporting
Mozilla Crash Analysis and ReportingMozilla Crash Analysis and Reporting
Mozilla Crash Analysis and Reporting
mozillamarcia
 
Uncovering Secrets of Progressive Web Apps
Uncovering Secrets of Progressive Web AppsUncovering Secrets of Progressive Web Apps
Uncovering Secrets of Progressive Web Apps
Maximiliano Firtman
 
Spyware
SpywareSpyware
Spyware
guest6fde72
 
Spyware and adware
Spyware and adwareSpyware and adware
Spyware and adware
Raja Kiran
 
Spyware Adware1
Spyware Adware1Spyware Adware1
Spyware Adware1
rubal_9
 
About my blog
About my blogAbout my blog
About my blog
simplyhillery
 
Owasp top 10 web application security hazards part 2
Owasp top 10 web application security hazards part 2Owasp top 10 web application security hazards part 2
Owasp top 10 web application security hazards part 2
Abhinav Sejpal
 
Facebook voor bestuurders
Facebook voor bestuurdersFacebook voor bestuurders
Facebook voor bestuurders
simongryspeert
 
Breaking the mould_unlocking_the_benefits_of_a_tailored_upstream_operating_model
Breaking the mould_unlocking_the_benefits_of_a_tailored_upstream_operating_modelBreaking the mould_unlocking_the_benefits_of_a_tailored_upstream_operating_model
Breaking the mould_unlocking_the_benefits_of_a_tailored_upstream_operating_model
Francesco Legname
 
Semaforo Audiovisual
Semaforo AudiovisualSemaforo Audiovisual
Semaforo Audiovisual
Murilo Santos
 
Tfs branching guide_main_2010_v1
Tfs branching guide_main_2010_v1Tfs branching guide_main_2010_v1
Tfs branching guide_main_2010_v1
Timo Kuisma
 
Sheepskin Flurries
Sheepskin FlurriesSheepskin Flurries
Sheepskin Flurries
Paul M
 
Printversion ice summer school 1 7-2013.key
Printversion ice summer school 1 7-2013.keyPrintversion ice summer school 1 7-2013.key
Printversion ice summer school 1 7-2013.key
Jun Hu
 
CERTAMEN DE NAVIDAD. CIBER@AULA FRESNEDILLAS DE LA OLIVA.
CERTAMEN DE NAVIDAD. CIBER@AULA FRESNEDILLAS DE LA OLIVA.CERTAMEN DE NAVIDAD. CIBER@AULA FRESNEDILLAS DE LA OLIVA.
CERTAMEN DE NAVIDAD. CIBER@AULA FRESNEDILLAS DE LA OLIVA.
ciberaulacso
 
Vek.od.ua Лидерство Доленко
Vek.od.ua Лидерство ДоленкоVek.od.ua Лидерство Доленко
Vek.od.ua Лидерство Доленко
Тренинговый Клуб "ВЕК"
 
Working With Passion by Tushar Joshi
Working With Passion by Tushar JoshiWorking With Passion by Tushar Joshi
Working With Passion by Tushar Joshi
Tushar Joshi
 

Contenu connexe

Tendances

Getting Started With Hacking Android & iOS Apps? Tools, Techniques and resources
Getting Started With Hacking Android & iOS Apps? Tools, Techniques and resourcesGetting Started With Hacking Android & iOS Apps? Tools, Techniques and resources
Getting Started With Hacking Android & iOS Apps? Tools, Techniques and resources
OWASP Delhi
 

Tendances (11)

James jara portafolio
James jara portafolioJames jara portafolio
James jara portafolio
 
How To Fix Bugs
How To Fix BugsHow To Fix Bugs
How To Fix Bugs
 
Bug Bounty Basics
Bug Bounty BasicsBug Bounty Basics
Bug Bounty Basics
 
Getting Started With Hacking Android & iOS Apps? Tools, Techniques and resources
Getting Started With Hacking Android & iOS Apps? Tools, Techniques and resourcesGetting Started With Hacking Android & iOS Apps? Tools, Techniques and resources
Getting Started With Hacking Android & iOS Apps? Tools, Techniques and resources
 
Build your mobile app from a to z presentation
Build your mobile app from a to z presentationBuild your mobile app from a to z presentation
Build your mobile app from a to z presentation
 
Owasp Top 10-2013
Owasp Top 10-2013Owasp Top 10-2013
Owasp Top 10-2013
 
Mozilla Crash Analysis and Reporting
Mozilla Crash Analysis and ReportingMozilla Crash Analysis and Reporting
Mozilla Crash Analysis and Reporting
 
Uncovering Secrets of Progressive Web Apps
Uncovering Secrets of Progressive Web AppsUncovering Secrets of Progressive Web Apps
Uncovering Secrets of Progressive Web Apps
 
Spyware
SpywareSpyware
Spyware
 
Spyware and adware
Spyware and adwareSpyware and adware
Spyware and adware
 
Spyware Adware1
Spyware Adware1Spyware Adware1
Spyware Adware1
 

En vedette

Semaforo Audiovisual
Semaforo AudiovisualSemaforo Audiovisual
Semaforo Audiovisual
Murilo Santos
 
Tfs branching guide_main_2010_v1
Tfs branching guide_main_2010_v1Tfs branching guide_main_2010_v1
Tfs branching guide_main_2010_v1
Timo Kuisma
 
Printversion ice summer school 1 7-2013.key
Printversion ice summer school 1 7-2013.keyPrintversion ice summer school 1 7-2013.key
Printversion ice summer school 1 7-2013.key
Jun Hu
 
CERTAMEN DE NAVIDAD. CIBER@AULA FRESNEDILLAS DE LA OLIVA.
CERTAMEN DE NAVIDAD. CIBER@AULA FRESNEDILLAS DE LA OLIVA.CERTAMEN DE NAVIDAD. CIBER@AULA FRESNEDILLAS DE LA OLIVA.
CERTAMEN DE NAVIDAD. CIBER@AULA FRESNEDILLAS DE LA OLIVA.
ciberaulacso
 

En vedette (10)

About my blog
About my blogAbout my blog
About my blog
 
Owasp top 10 web application security hazards part 2
Owasp top 10 web application security hazards part 2Owasp top 10 web application security hazards part 2
Owasp top 10 web application security hazards part 2
 
Facebook voor bestuurders
Facebook voor bestuurdersFacebook voor bestuurders
Facebook voor bestuurders
 
Breaking the mould_unlocking_the_benefits_of_a_tailored_upstream_operating_model
Breaking the mould_unlocking_the_benefits_of_a_tailored_upstream_operating_modelBreaking the mould_unlocking_the_benefits_of_a_tailored_upstream_operating_model
Breaking the mould_unlocking_the_benefits_of_a_tailored_upstream_operating_model
 
Semaforo Audiovisual
Semaforo AudiovisualSemaforo Audiovisual
Semaforo Audiovisual
 
Tfs branching guide_main_2010_v1
Tfs branching guide_main_2010_v1Tfs branching guide_main_2010_v1
Tfs branching guide_main_2010_v1
 
Sheepskin Flurries
Sheepskin FlurriesSheepskin Flurries
Sheepskin Flurries
 
Printversion ice summer school 1 7-2013.key
Printversion ice summer school 1 7-2013.keyPrintversion ice summer school 1 7-2013.key
Printversion ice summer school 1 7-2013.key
 
CERTAMEN DE NAVIDAD. CIBER@AULA FRESNEDILLAS DE LA OLIVA.
CERTAMEN DE NAVIDAD. CIBER@AULA FRESNEDILLAS DE LA OLIVA.CERTAMEN DE NAVIDAD. CIBER@AULA FRESNEDILLAS DE LA OLIVA.
CERTAMEN DE NAVIDAD. CIBER@AULA FRESNEDILLAS DE LA OLIVA.
 
Vek.od.ua Лидерство Доленко
Vek.od.ua Лидерство ДоленкоVek.od.ua Лидерство Доленко
Vek.od.ua Лидерство Доленко
 

Similaire à OWASP Bangalore meet - Android Mobile Security

Artificial intelligence teacher
Artificial intelligence teacherArtificial intelligence teacher
Artificial intelligence teacher
Rekha Verma
 
10 TRENDS IN STAFFING TECH — DON'T GET BLINDSIDED
10 TRENDS IN STAFFING TECH — DON'T GET BLINDSIDED10 TRENDS IN STAFFING TECH — DON'T GET BLINDSIDED
10 TRENDS IN STAFFING TECH — DON'T GET BLINDSIDED
Human Capital Media
 
Youth-Led Tech Curriculum Day 20
Youth-Led Tech Curriculum Day 20Youth-Led Tech Curriculum Day 20
Youth-Led Tech Curriculum Day 20
Smart Chicago Collaborative
 
Irresponsible Disclosure: Short Handbook of an Ethical Developer
Irresponsible Disclosure: Short Handbook of an Ethical DeveloperIrresponsible Disclosure: Short Handbook of an Ethical Developer
Irresponsible Disclosure: Short Handbook of an Ethical Developer
Lemi Orhan Ergin
 
English (US)_Classroom Toolkit - Unlocking Generative AI Safely and Responsib...
English (US)_Classroom Toolkit - Unlocking Generative AI Safely and Responsib...English (US)_Classroom Toolkit - Unlocking Generative AI Safely and Responsib...
English (US)_Classroom Toolkit - Unlocking Generative AI Safely and Responsib...
AdliAlimi1
 
Rating tools technology assesment 2
Rating tools technology assesment 2Rating tools technology assesment 2
Rating tools technology assesment 2
Marker671
 
And i thoughtiknewqtp_preview
And i thoughtiknewqtp_previewAnd i thoughtiknewqtp_preview
And i thoughtiknewqtp_preview
Saurabh Singh
 
And I thought I knew QTP - QTP Concepts Unplugged
And I thought I knew QTP - QTP Concepts UnpluggedAnd I thought I knew QTP - QTP Concepts Unplugged
And I thought I knew QTP - QTP Concepts Unplugged
Tarun Lalwani
 

Similaire à OWASP Bangalore meet - Android Mobile Security (20)

Working With Passion by Tushar Joshi
Working With Passion by Tushar JoshiWorking With Passion by Tushar Joshi
Working With Passion by Tushar Joshi
 
Elliott and Frizzell Top 10 Apps Presentation
Elliott and Frizzell Top 10 Apps PresentationElliott and Frizzell Top 10 Apps Presentation
Elliott and Frizzell Top 10 Apps Presentation
 
Artificial intelligence teacher
Artificial intelligence teacherArtificial intelligence teacher
Artificial intelligence teacher
 
Lean Startup Machine - Mobile App Development
Lean Startup Machine - Mobile App DevelopmentLean Startup Machine - Mobile App Development
Lean Startup Machine - Mobile App Development
 
How to think smarter about software development
How to think smarter about software developmentHow to think smarter about software development
How to think smarter about software development
 
10 TRENDS IN STAFFING TECH — DON'T GET BLINDSIDED
10 TRENDS IN STAFFING TECH — DON'T GET BLINDSIDED10 TRENDS IN STAFFING TECH — DON'T GET BLINDSIDED
10 TRENDS IN STAFFING TECH — DON'T GET BLINDSIDED
 
Peerlyst Delhi NCR Chapter Meet
Peerlyst Delhi NCR Chapter MeetPeerlyst Delhi NCR Chapter Meet
Peerlyst Delhi NCR Chapter Meet
 
Youth-Led Tech Curriculum Day 20
Youth-Led Tech Curriculum Day 20Youth-Led Tech Curriculum Day 20
Youth-Led Tech Curriculum Day 20
 
Nick_Miller
Nick_MillerNick_Miller
Nick_Miller
 
Irresponsible Disclosure: Short Handbook of an Ethical Developer
Irresponsible Disclosure: Short Handbook of an Ethical DeveloperIrresponsible Disclosure: Short Handbook of an Ethical Developer
Irresponsible Disclosure: Short Handbook of an Ethical Developer
 
English (US)_Classroom Toolkit - Unlocking Generative AI Safely and Responsib...
English (US)_Classroom Toolkit - Unlocking Generative AI Safely and Responsib...English (US)_Classroom Toolkit - Unlocking Generative AI Safely and Responsib...
English (US)_Classroom Toolkit - Unlocking Generative AI Safely and Responsib...
 
Rating tools technology assesment 2
Rating tools technology assesment 2Rating tools technology assesment 2
Rating tools technology assesment 2
 
Getting started with hacking android & i os apps tools, techniques and re...
Getting started with hacking android & i os apps tools, techniques and re...Getting started with hacking android & i os apps tools, techniques and re...
Getting started with hacking android & i os apps tools, techniques and re...
 
Infosec is Broken “did you bring a knife to a gun fight?"
Infosec is Broken “did you bring a knife to a gun fight?"Infosec is Broken “did you bring a knife to a gun fight?"
Infosec is Broken “did you bring a knife to a gun fight?"
 
Owasp top 10 web application security hazards - Part 1
Owasp top 10 web application security hazards - Part 1Owasp top 10 web application security hazards - Part 1
Owasp top 10 web application security hazards - Part 1
 
A6 pragmatic journey into cyber security
A6 pragmatic journey into cyber securityA6 pragmatic journey into cyber security
A6 pragmatic journey into cyber security
 
Are you a lean mobile startup? Applying lean startup principles to mobile app...
Are you a lean mobile startup? Applying lean startup principles to mobile app...Are you a lean mobile startup? Applying lean startup principles to mobile app...
Are you a lean mobile startup? Applying lean startup principles to mobile app...
 
And i thoughtiknewqtp_preview
And i thoughtiknewqtp_previewAnd i thoughtiknewqtp_preview
And i thoughtiknewqtp_preview
 
And I thought I knew QTP - QTP Concepts Unplugged
And I thought I knew QTP - QTP Concepts UnpluggedAnd I thought I knew QTP - QTP Concepts Unplugged
And I thought I knew QTP - QTP Concepts Unplugged
 
SearchLove London | Will Critchlow, 'The Threat of Mobile'
SearchLove London | Will Critchlow, 'The Threat of Mobile' SearchLove London | Will Critchlow, 'The Threat of Mobile'
SearchLove London | Will Critchlow, 'The Threat of Mobile'
 

Dernier

Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
Overkill Security
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Orbitshub
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Jeffrey Haguewood
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Angeliki Cooney
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Victor Rentea
 
Cyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdfCyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdf
Overkill Security
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc
 

Dernier (20)

Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistan
 
Cyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdfCyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdf
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 

OWASP Bangalore meet - Android Mobile Security

  • 1. Oh Yes, I love your private data Android App Security Bangalore Meet up @ Abhinav Sejpal Fidelity Investments
  • 2. WHO AM I Next Generation problem Solver Researcher & Reader in free time Speaker at Facilitator at Weekend Testing Crowd Tester (AKA. Bug bounty Hunter) Reported Security Vulnerabilities for 50+ unique customers all over the world inlcluding Apple, yahoo, Outlook, adobe & etc. Love to develop nasty code & Hack it :) Works as Security Researcher at AKA. Bug Wrangler Null & OWASP Community Accenture Digital Mobility
  • 4. DISCLAIMER This Presentation is intended for educational purposes only and I cannot be held liable for any kind of damages done whatsoever to your machine, or other damages. Please - Don't try this attack on any others system without having context knowledge or permission, this may harm to someone directly or indirectly. Feel free to use this presentation for practice or education purpose. It's no way related to my employer - its my own research and ideas. ^ I hope - You gotcha ^
  • 5. SOCIAL MEDIA FEED Hashtag for this session #OWASPBlr, #MobileSecurity : Twitter handle for feedback : @ @OWASPBangalore Abhinav_Sejpal
  • 7.
  • 8.
  • 9.
  • 10.
  • 11.
  • 12.
  • 13.
  • 14.
  • 15.
  • 16.
  • 17.
  • 18.
  • 19.
  • 20.
  • 21.
  • 22.
  • 23. INDIAN HACKERS/INFOSEC GUYS & GROUPS YOU SHOULD BE FOLLOWING IN TWITTER Thank-you http://garage4hackers.com/ community
  • 24. @ , @ @ and @ CREDITS anantshri exploitprotocol adi1391 5h1vang Big thank and you one & All.OWASPBANGALORE
  • 25. YES - I'M DONE! Feel free to write me at bug.wrangler at outlook.com
  • 26. LICENSE AND COPYRIGHTS https://slides.com/abhinavsejpal/owasp-androidsecurity copyrights 2015-2016 Abhinav Sejpal ----- (CC BY-NC-ND 3.0) Attribution-NonCommercial-NoDerivs 3.0 Unported Dedicated to my lovely daddy