Explore QARK, a powerful Android app security analysis and exploitation tool, in this AppSecUSA 2015 conference talk. Learn how QARK combines static code analysis, source-sink mapping, and automatic exploitation to help developers protect their apps and assist pentesters in identifying vulnerabilities. Discover how this metasploit-style framework for Android apps can review applications from source or APK, highlight version-specific issues, detail attack surfaces, and create on-demand proof-of-concept attack applications. Gain insights from security experts Tushar Dalvi and Tony Trummer as they demonstrate QARK's capabilities in identifying misconfigurations, citing relevant research, and simplifying the process of securing Android applications.
QARK: Android App Exploit and Static Code Analysis Tool
Overview
Syllabus
Tushar Dalvi & Tony Trummer - QARK: Android App Exploit and SCA Tool - AppSecUSA 2015
Taught by
OWASP Foundation
Related Courses
-
Android App Development & Android Hacking, Android Security
-
Android Hacking:Â Ethical Hacking for Android Apps & Devices
-
Application Analysis with SonarQube
-
Pentesting Android Applications
-
Dynamic Source-Sink Analysis for Java Applications - From the Ground Up
-
Hacking and Securing Android Applications - Vulnerabilities and Prevention
