Android Pentesting - Hands-On



Android Pentesting Training is a One-Day Hands-On Training to be conducted at Seasides.

The training is carefully crafted for students as well as professionals interested in making a head-start into Android Information Security domain.

This training involves real world scenarios that every security professional must be well versed with. It involves understanding Android Application Package (APK) and methodologies to properly analyze apps from zero.

It covers the internals of Android Penetration testing, starting from the understanding lab setup, real time testing of applications, overcoming hurdles while testing through concepts of dynamic instrumentation and covering OWASP Mobile Top 10 vulnerabilities.

Following topics will be covered during the session:

  1. Understanding penetration testing lab environment
  2. Reversing Android Application (APK)
  3. Analyzing the application code and finding the vulnerabilities
  4. Hands-on Static Analysis
  5. Hands-on Dynamic Analysis
  6. Decompiling application code to understand implementation logic
  7. Recompiling Android app code to bypass various validation checks
  8. Dynamic Instrumentation using tools like Frida
  9. Cover OWASP Mobile Top 10 (inlcuding but not limited to following):
    • Insecure Data Storage
    • Code Tampering
    • Insecure Authentication
    • Reverse Engineering
    • Hunting for hardcoded information, etc


According to the feedback we have collected from our previous trainings, students who have mobile application development and application penetration testing experience enjoyed and benefited the most from the course.

What will you learn!

  • Android Hacking
  • Android App Reversing
  • Mobile Application Security
  • Finding Vulnerabilities


  • Laptop with minimum 30 GB Hard Disk Space & 8 GB RAM with administrative privileges (Linux preferred)
  • Updated Virtual-box installed
  • 2 Functional USB Ports

About Trainer :

Shivang Desai is a senior security researcher at Microsoft. His work majorly focuses on enhancing security for mobile products and developing methodologies to mitigate further attacks on organisations.

He has 9+ years of experience in the mobile security field. He is an avid blogger and his blogs have been referenced in various international media including Forbes, Fox News, The Mirror, The Register, etc.