Android Pentesting - Android Architecture + Static Analysis with apktool + gf + jadx - Pt. 01
HTML-код
- Опубликовано: 21 авг 2024
- In this video we would start with android pentesting :
- Basics of Android Architecture
Security Features in Android
- APK Structures
Installing apktool & jadx-gui
Understanding folder structure & files
Finding secrets in apps
- Exploiting a real world app
Searching for secrets
AndroidManifest.xml
Strings.xml
Raw resources
Using gf to search for secrets
Validating these secrets
▬▬▬▬▬▬ 🔗 Links ▬▬▬▬▬▬
manifestsecuri...
hackerone.com/...
▬▬▬▬▬▬ 🔗 Other Links ▬▬▬▬▬▬
🔥Stay Up-To-Date with latest in CyberSecurity and Bug Bounty Tips 🔥
omnisec.app/
💸 $100 Digital Ocean referral link :💸
m.do.co/c/5e8e...
Google FeedBack Form : forms.gle/rA9o...
Discord : / discord
Subreddit : / hackingsimplified
Telegram : t.me/hackingsi...
Hope it was worth your time.
Stay tuned.
Thank you everyone :)
▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬
Disclaimer :
These materials are for educational and research purposes only.
Do not attempt to violate the law with anything contained here. If this is your intention, then LEAVE NOW! The creator of this video, nor anyone else affiliated in any way, is going to accept responsibility for your actions.
------------------------------------------------------------------------------------------------------------------------
#hacking #HackingSimplified #StartHacking #beTheHACR #websecurity #howtohack #hack #howtobeahacker #hackingCourse #bugBounty #bug #bounty #hacker #freeHacking #freecourse
hacking ,HackingSimplified, Hacking Simplified, Start Hacking ,Be The HACR, web security, how to be a hacker, free hacking, free hacking course, web security,hacking Course,bug Bounty,hacker,bug bounty,cyber security,bug bounty hunting
If you like the content, make sure to like and subscribe. Share this to reach as many folks as possible :)
bro am using kali linux gf command is not working bro
You and your smile will be a legend my friend. You've made some awesome tools and content, for real I'm pretty surprised you haven't blown up yet. Keep it up, they're coming
Thanks Chase. This really made my day 🙌😀
Thank you bro, learned something.
Your videos are really informative.Thanks alot man for making such informative video.Keep it up .☺️👍
Thanks mate 😃🙌
Really useful video, added the gf tool to my tooling! Keep them up
Thanks mate 😀
Nice video waiting for more videos on andro pentest 😁
Thanks mate. If you like the content, consider sharing it :D
@@HackingSimplifiedAS sure 😁
Very well explained. your videos are always awesome.
This is really good vid ,thanks man
Very good content. Hoping for more android pen testing contents.
Thanks mate. If you like the content, consider sharing it :D
Really appreciate your work, keep going👍
Thanks mate.
@@HackingSimplifiedAS waiting for next part💕
Your content is very helpful!!! I have one suggestion please don't background music!! sometimes it's distracting...
Thanks 🙌
Will work on that 😃🙌
Evergreen content
Thanks mate 🙌
very good approach man...
Thanks
02:30 Android architecture 07:20 sandbox 07:37 APK file structure
Thank you. It helped me a lot.
Hey, This is the video one needs to start with Android Pentesting. I have setup everything on Windows. Can you please create an installation guide for gf tool on Windows. Will be great help.
Thanx for the awsome content!
Thanks mate. If you like the content, consider sharing it :D
Thanks for your help ☺️
I cannot find the apk that you used in the video. Can you please upload a copy and share the link if you have so that I can follow?
Edit: I found it on apksum and it is only website that has versions from 2019.
You are making great content man if need any help ping us really great material
Thanks mate. If you like this share this :D
Hey, thank you for the video its very helpful.
Is there any good Static Analysis tool? And how accurate are they?
MobSF is good. You can try that.
@@HackingSimplifiedAS Thank you for answering, do you have any good resources where I can learn more about static analysis.
Waiting for second part and my question is what you've shown on gui starting of video decompilation is same in the last of video with apktool with storing file in that directory right. We can perform same thing on terminal with gf pattern search.
Terminal pe hi to kiya 🤔
@Hacking Simplified is this io. fabric.ApiKey can be consider as sensitive API key
Good Topic
Thanks mate. If you like the content, consider sharing it :D
I can say this will be a goto resource for learning android pt. Good content make part 2 buddy.
Sure. Thanks 🙌
Means a lot.
🔥👍
what about if a applicaton made up Reactnactive or flutter
Same for those as well
Heyy Can U make videos on finding bugs in Java Script
please dynamic analysis with drozer, frida, etc
Nyc Video great explanation Buddy Thanks for such great content. Just wanted to know which Linux distribution you are using....
Ubuntu, recently on manjaro. I try different things. But mostly it's Ubuntu.
Waiting for pt 2
Bro can u make a video on wat n all to look for in a android pentest
Omnisec link for security updates is not working . Please
your content is ows0me i lik3 it
Thanks mate. If you like the content, consider sharing it :D
next
How to decompile JNI based files in android app?
hi, can you plz tell me how to increase heap size error when i open any apk into jadx
Awesome video.... Can you let me know if there is any automated dast tool for mobile app
You can see mobsf , it has dast as well.
Are there any commercial tool? Also is there any difference between web application dast and mobile application dast?
we need android pentesting with burpsuite.plzzzzzzzzzzz
Very soon :)
omnisec app is not working.
Will be live by next month
next....
if u really want to explain then why r u disturbing with background music...
Aree bhai jara hindi me bolo to india ke kuch log smaja paay
Plz make video in hindi 😑😑
There's a reason he uses english, because more audience can understand the content .
@@yrks1109 yes bro you are right 👌😁
Done Hack th3