Android Security & Reverse Engineering YouTube Curriculum

Table of Contents

1. Android Exploits & Attacks
2. Android Permissions & Privileges
3. Android Webviews & Javascript Interfaces
4. Android Reverse Engineering & Obfuscation
5. Android Bluetooth Security
6. Payment Systems & ATMs
7. Android Malware & Surveillance
8. Android Hardware Vectors
9. Android GPU Attacks
10. Baseband Attacks

Android Exploits & Attacks

• Dirty Stream Attack, Turning Android Share Targets Into Attack Vectors
  • Black Hat Asia 2023 by Dimitrios Valsamaras
• TiYunZong Exploit Chain to Remotely Root Modern Android Devices
  • Black Hat USA 2020 by Guang Gong
• Breaking Samsung's Root of Trust: Exploiting Samsung S10 Secure Boot
  • Black Hat USA 2020 by By Cheng-Yu Chao, Hung Chi Su and Che-Yang Wu
• Android Parcels: The Bad, the Good and the Better
  • Black Hat Europe 2022 by Hao Ke, Bernardo Rufino, Maria Uretsky, Yang Yang
• A Deep Dive into Privacy Dashboard of Top Android Vendors
  • Black Hat Europe 2021 by Bin Ma, Xiangxing Qian, Wei Wen & Zhenyu Zhu
• Simple Spyware: Android's Invisible Foreground Services
  • Black Hat Europe 2019 by Thomas Sutter and Bernhard Tellenbach
• HITB2021AMS KEYNOTE 2: The State Of Mobile Security
  • Hack In The Box Security Conference Amsterdam 2020 by Zuk Avraham
• #HITBLockdown002 D1T1 - Zen: A Complex Campaign of Harmful Android Apps - Łukasz Siewierski
  • Hack In The Box Security Conference Lockdown 2021 by Łukasz Siewierski
• Elevating The TrustZone To Achieve A Powerful Android Kernel Exploit
  • Nullcon Goa 2022 by Tamir Zahavi
• SigMorph: Covert Communication Exploiting Android Signing Schemes
  • Nullcon Goa 2023 by by Ayan Saha And Achute Sharma
• Revisiting Stealthy Sensitive Information Collection from Android Apps
  • Black Hat Asia 2023 by Guangdong Bai, Guangshuai Xia, Qing Zhang
• Start Arbitrary Activity App Components as System User: Vulnerability Affecting Samsung Android Devices
  • Black Hat Asia 2022 by Ryan Johnson, Mohamed Elsabagh, Angelos Stavrou
• ExplosION: The Hidden Mines in the Android ION Driver
  • Black Hat Asia 2022 by Le Wu, Xuen Li, Tim Xia
• A Mirage of Safety Bug Finding & Exploit Techniques of Top Android Vendor's Privacy Protection Apps
  • Black Hat Asia 2021 by Huiming Liu & Xiangqian Zhang
• (UN)protected Broadcasts in Android 9 & 10
  • Black Hat Asia 2021 by Ryan Johnson
• BAD BINDER: Finding an Android in the Wild 0day
  • OffensiveCon20 by Maddie Stone
• Still Vulnerable Out of the Box: Revisiting the Security of Prepaid Android Carrier Devices
  • DEFCON 31 by Ryan Johnson
• Android Bug Foraging
  • DEF CON 28 Safe Mode AppSec Village by Pedro Umbelino ,João Morais
• Exploiting Samsung: Analysis of an in-the-wild Samsung Exploit Chain
  • Ekoparty 2022 by Maddie Stone
• Lost in Conversion: Exploit Data Structure Conversion with Attribute Loss to Break Android Systems
  • USENIX Security 2023 by Rui Li
• When Exploits Aren't Binary - Keynote
  • BSides Canberra 2023 by Maddie Stone
• Bugfinding & Exploit Techniques Android File Transfer Apps
  • DEF CON 27 by Xiangqian Zhang
• Bug Hunting S21’s 10ADAB1E FW
  • OffensiveCon22 by Federico Menarini and Martijn Bogaard
• Path traversal attacks on Android
  • Ekoparty 2023: Mobile Hacking Village by Lukas Stefanko
• The Living Dead: Hacking Mobile Face Recognition SDKs with Non-Deepfake Attacks
  • Black Hat USA 2023 by By: Wing Cheong Lau , Kaixuan Luo , Xianbo Wang
• Racing Against the Lock: Exploiting Spinlock UAF in the Android Kernel
  • OffensiveCon23 by Moshe Kol
• Hacking & Securing Android Applications
  • OWASP 2023 Global AppSec DC by Daniel Llewellyn

Android Permissions & Privileges

• Bypassing Android Permissions From All Protection Levels
  • DEFCON 30 by Nikita Kurtin
• Hacking Android Foreground Services Escalation Of Privileges
  • Nullcon Goa 2022 by Rony Das
• Re-route Your Intent for Privilege Escalation: A Universal Way to Exploit Android PendingIntents in High-profile and System Apps
  • Black Hat Europe 2021 by En He
• Permissionless Android Universal Overlays
  • InsomniHack 2023 by Dimitrios Valsamaras
• Inter-App Collusion: Exploiting the Improper Export of Android Application Components for Privilege Elevation & Credential Theft
  • Shmoocon 2024 by Edward Warren

Android Webviews & Javascript Interfaces

• The Tangled Webview - Javascriptinterface Once More
  • Black Hat Asia 2021 by Ce Qin
• Using Android WebViews to Steal All the Files
  • Shmoocon 2020 by Jesson Soto Ventura
• AutoSpill: Zero Effort Credential Stealing from Mobile Password Managers
  • Black Hat Europe 2023 by By: Ankit Gangwal , Shubham Singh , Abhijeet Srivastava

Android Reverse Engineering & Obfuscation

• Securing the System: Reversing Android Pre-Installed Apps
  • Black Hat USA 2019 by Maddie Stone
• Beyond Java: Obfuscating Android Apps with Native Code
  • TROOPERS23 by Laurie Kirk
• Runtime Riddles: Manipulation Points in the Android Source
  • DEFCON 31 by Laurie Kirk
• Unmasking the Godfather - Reverse Engineering the Latest Android Banking Trojan
  • Strange Loop Conference 2023 by Laurie Kirk
• ADBHoney: Low interaction honeypot designed for Android Debug Bridge
  • Android Security Symposium 2020 by Gabriel Cirlig
• Dissecting the Modern Android Data Encryption Scheme
  • Recon 2023 by Maxime Rossi and Damiano Melotti
• Endoscope: Unpacking Android Apps with VM-Based Obfuscation
  • Black Hat USA 2023 By: Fan Wu , Xuankai Zhang

Android Bluetooth Security

• Deep into Android Bluetooth Bug Hunting: New Attack Surfaces & Code Patterns
  • Black Hat Europe 2022 by Zinuo Han
• Stealthily Access Android Phones: Bypass the Bluetooth Authentication
  • Black Hat USA 2020 by Sourcell Xu and Xin Xin

Payment Systems & ATMs

• Contactless Overflow Code Execution in Payment Terminals & ATMs
  • DEFCON 31 by Josep Rodriguez
• Turning my virtual wallet into a skimming device
  • DEFCON 31 by Borgogno, Barrionuevo
• How an android application can drain your wallet
  • Bsides Lisbon 2022 by Dimitrios Valsamaras

Android Malware & Surveillance

• Zen: A Complex Campaign of Harmful Android Apps
  • HITB Lockdown 2020 by Łukasz Siewierski
• Android malware targeting Belgian Financial apps
  • BruCON 0x0D 2021 by Jeroen Beckers
• Vulnerabilities discovered in Android stalkerware
  • Ekoparty 2021: Mobile Hacking by Lukas Stefanko
• Monitoring Surveillance Vendors: In-the-Wild Android Full Chains in 2021
  • Black Hat USA 2022 by Xingyu Jin, Richard Neal, Christian Resell, Clement Lecigne
• PRC's Use of Mobile Surveillance for Tracking the Uighur population in China and Abroad
  • CYBERWARCON 2022 by Kristina Balaam
• Can You Hear Me Now? Remote Eavesdropping Vulnerabilities in Mobile Messaging Applications
  • Black Hat USA 2021 by Natalie Silvanovich

Android Hardware Vectors

• Dissecting The Modern Android Data Encryption Scheme
  • Hardwear.io NL 2023 by Maxine Rossi & Damiani Melotti
• Physical Attacks Against Smartphones
  • DEFCON 31 by Christopher Wade
• Attack on Titan M, Reloaded: Vulnerability Research on a Modern Security Chip
  • Black Hat USA 2022 by: Damiano Melotti , Maxime Rossi Bellom
• Breaking The Impossible: Bypassing Android's Secure Hardware Backed Attestation
  • BSides Basingstoke 2022 by Joseph Foote
• Dissecting The Modern Android Data Encryption Scheme
  • Hardwear.io NL 2023 by Maxime Bellom & Damiano

Android GPU Attacks

• Android Universal Root: Exploiting Mobile GPU / Command Queue Drivers
  • Black Hat USA 2022 by Jon Bottarini, Xingyu Jin, Richard Neal
• Make KSMA Great Again: The Art of Rooting Android Devices by GPU MMU Features
  • Black Hat USA 2023 By: Yong Wang
• Bad io_uring: A New Era of Rooting for Android
  • Black Hat USA 2023 By: Zhaofeng Chen , Kang Li , Zhenpeng Lin , Xinyu Xing
• New Phones, Software & Chips = New Bugs?
  • OffensiveCon23 by Martijn Bogaard
• Driving Forward in Android Drivers: Exploring the future of Android kernel hacking.
  • Shmoocon 2024 by Seth Jenkins
• Evils in the Sparse Texture Memory: Exploit Kernel Based on Undefined Behaviors of Graphic APIs
  • Black Hat Europe 2023 by By: Xingyu Jin , Tony Mendez , Richard Neal

Baseband Attacks

• How to Hack Shannon Baseband (from a Phone)
  • OffensiveCon23 by Natalie Silvanovich
• Over the Air, Under the Radar: Attacking and Securing the Pixel Modem
  • Black Hat USA 2023 by Xiling Gong , Farzan Karimi , Eugene Rodionov , Xuan Xing
• Embedded Threats
  • OffensiveCon23 by Markus Vervier
• A walk with Shannon: A walkthrough of a pwn2own baseband exploit - Amat Cama
  • InsomniHack 2018 by Amat Cama