What this book covers
Chapter 1, Android Development Tools, introduces us to setting up and running the tools developers use to cook up Android applications and native-level components on the Android platform. This chapter also serves as an introduction to those who are new to Android and would like to know what goes into setting up the common development environments and tools.
Chapter 2, Engaging with Application Security, introduces us to the components offered by the Android operating system, dedicated to protecting the applications. This chapter covers the manual inspection and usage of some of the security-relevant tools and services used to protect applications and their interaction with the operating system.
Chapter 3, Android Security Assessment Tools, introduces some of the popular as well as new and upcoming security tools and frameworks used by Android security specialists to gauge the technical risks that applications expose their users to. Here you will learn to set up, run, and extend the hacking and reverse engineering tools that will be used in later chapters.
Chapter 4, Exploiting Applications, covers the casing exploitation techniques that target the Android applications. The content in this chapter spans all the Android application component types and details how to examine them for security risks, both from a source code and inter-application context. It also introduces more advanced usage of the tools introduced in Chapter 3, Android Security Assessment Tools.
Chapter 5, Protecting Applications, is designed to be the complete opposite of Chapter 4, Exploiting Applications. Instead of talking purely about application flaws, this chapter talks about application fixes. It walks readers through the useful techniques that developers can use to protect the applications from some of the attacks, which are detailed in Chapter 4, Exploiting Applications.
Chapter 6, Reverse Engineering Applications, helps the readers to learn to crack open the applications and teaches them the techniques that Android reverse engineers use to examine and analyze applications. You learn about the Dex file format in great detail, as well as how to interpret Dex bytecode into useful representations that make reverse engineering easier. The chapter also covers the novel methods that reverse engineers can use to dynamically analyze applications and native components while they are running on an Android operating system.
Chapter 7, Secure Networking, helps the readers to delve into the practical methods that application developers can follow to protect data while in transit across the network. With these techniques, you will be able to add stronger validation to the Secure Sockets Layer (SSL) communications.
Chapter 8, Native Exploitation and Analysis, is dedicated to covering the security assessment and testing techniques focused on the native context of the Android platform. Readers will learn to look for security flaws that can be used to root phones and escalate privileges on the Android systems as well as perform low-level attacks against native services, including memory corruption and race condition exploitation.
Chapter 9, Encryption and Developing Device Administration Policies, is focused heavily on how to use encryption correctly and avoid some of the common anti-patterns to keep data within your application secure. It recommends several robust and timesaving third-party libraries to quickly yet securely enhance the security of your applications. To wrap up, we will cover how to use the Android Device Administration API to implement and enforce enterprise security policies.