Overview
Explore techniques for finding sensitive data in Android applications in this 45-minute presentation by Nerdwell. Examine common developer assumptions about mobile app security and learn how to invalidate them. Discover new tools that streamline the Android hacking workflow for bug bounty hunters. Gain insights into accessing, identifying, and extracting sensitive data from apps' internal storage. Learn how to maximize the security impact of findings for effective bug bounty reports. Review hardware and software setup, participate in demos on accessing and extracting private app data, and access valuable resources and references for further learning.
Syllabus
Intro
INFO PROTECTION IN ANDROID APPS
COMMON DEVELOPER ASSUMPTIONS
TOOLS Hardware Setup
TOOLS Software Setup
DEMO Accessing Private App Data
DEMO Extracting Private Data
RESOURCES & REFERENCES
Taught by
Bugcrowd