Learning Penetration Testing of Android Applications
Learning Penetration Testing of Android Applications
The should be very easy. We configured two virtual machines with all tools you need here:
OWASP Android VM.ova
- Android 5 VM for the Android App Pentest Workshop (SHA256 236917e4953af0b336f373e72e63946a96ade543107f32acf88df12d9e79755a
)OWASP Ruhrpott.ova
- Ubuntu based VM for the OWASP Android App Pentest Workshop (SHA256 419e7161172b8270cc2c83f7957a4311b57a63f5229cac4d082c4fec6007dd59
)The following are hardware and software recommendations:
File -> Import Appliance ...
.VBoxManage dhcpserver add --netname intnet --ip 10.13.13.100 --netmask 255.255.255.0 --lowerip 10.13.13.101 --upperip 10.13.13.254 --enable
10.13.13.101
. (PIN: 0000)10.13.13.102
. (pentester:owasp2017)This repository was used in previous Workshops and the following table is used to reference them:
What | Where | When | Slides | Link |
---|---|---|---|---|
OWASP Stammtisch Ruhrpott | Essen, Germany | 31.01.17 | Slides | Wiki |
OWASP Stammtisch Ruhrpott | Essen, Germany | 04.03.17 | Slides | Wiki |
SHA2017 | Zeewolde, Netherlands | 05.08.17 | Slides | Link |
It would be nice if you give us a small notice, when you are doing a workshop with our project so we can reference it here.
You can contribute via a pull request or an issue with a bug or a feature request. Please keep in mind that we are developing this project in our free time so a response might take some time. To contribute with challenges see the CONTRIBUTING.md file.
In the case you are get stuck with a challenge, see the wiki for hints.