Explore QARK, a powerful Android app security analysis and exploitation tool, in this AppSecUSA 2015 conference talk. Learn how QARK combines static code analysis, source-sink mapping, and automatic exploitation to help developers protect their apps and assist pentesters in identifying vulnerabilities. Discover how this metasploit-style framework for Android apps can review applications from source or APK, highlight version-specific issues, detail attack surfaces, and create on-demand proof-of-concept attack applications. Gain insights from security experts Tushar Dalvi and Tony Trummer as they demonstrate QARK's capabilities in identifying misconfigurations, citing relevant research, and simplifying the process of securing Android applications.
QARK: Android App Exploit and Static Code Analysis Tool
Overview
Syllabus
Tushar Dalvi & Tony Trummer - QARK: Android App Exploit and SCA Tool - AppSecUSA 2015
Taught by
OWASP Foundation
Related Courses
-
Android App Development & Android Hacking, Android Security
-
Pentesting Android Applications
-
Dynamic Source-Sink Analysis for Java Applications - From the Ground Up
-
Reverse Engineering Tutorials
-
Hacking and Securing Android Applications - Vulnerabilities and Prevention
-
Sexy Mobile App Attacks by Example - 2019
