Regresar

Risk analysis and Android application penetration testing based on OWASP 2016

Abstract:

Mobile Applications have become part of our daily lives so that almost every web or desktop application can be executed from a smartphone, i.e., social networking, Internet shopping, on-line banking, gaming applications, among others. Furthermore, most of the existing mobile applications in digital stores are Android-based applications. Security in these kinds of applications is an issue that must be addressed because they handle sensitive personal information exposed to be exploited or misused by malicious agents. In this context, we have performed a complete security penetration testing on several Android applications following the most common risks according to OWASP mobile 2016 and using different tools such as Drozer, Dex2jar, Android Debug Bridge, among others. We describe the vulnerability, type of attack, application analyzed, and external tools used for each scenario. Once the …

Año de publicación:

2021

Keywords:

    Fuente:

    googlegoogle

    Tipo de documento:

    Other

    Estado:

    Acceso abierto

    Áreas de conocimiento:

    • Software

    Áreas temáticas:

    • Programación informática, programas, datos, seguridad
    • Derecho
    • Instrumentos de precisión y otros dispositivos

    Contribuidores:

    Thomás Borja SaltosThomás Borja Saltos
    Ángel Leonardo Valdivieso CaraguayÁngel Leonardo Valdivieso Caraguay
    Lorena Isabel Barona LópezLorena Isabel Barona López