forked from sundaysec/Android-Exploits
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
1 changed file
with
32 additions
and
1 deletion.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,2 +1,33 @@ | ||
| # Android-Exploits | ||
| A collection of android Exploits | ||
| A collection of android Exploits and guide on android exploitation | ||
|
|
||
| ## OWASP Top 10 Mobile Risks | ||
| 1. Insecure Data Storage | ||
| 2. Weak Server Side Controls | ||
| 3. Insufficient Transport Layer Protection | ||
| 4. Client Side Injection | ||
| 5. Poor Authorization and Authentication | ||
| 6. Improper Session Handling | ||
| 7. Security Decisions Via Untrusted Inputs | ||
| 8. Side Channel Data Leakage | ||
| 9. Broken Cryptography | ||
| 10. Sensitive Information Disclosure | ||
|
|
||
| ### Common Tools | ||
| * SSH | ||
| * VNC server | ||
| * A compiler (gcc / agcc) | ||
| * Android SDK (adb!) | ||
| * XCode | ||
| * Jailbroken iDevice | ||
| * Rooted Android Device | ||
|
|
||
| ## Books and Articles | ||
| * [A survey of Android exploits in the wild](https://www.researchgate.net/profile/Huasong_Meng/publication/323635885_A_survey_of_Android_exploits_in_the_wild/links/5b308982a6fdcc8506cb92a7/A-survey-of-Android-exploits-in-the-wild.pdf?origin=publication_detail) - The Android operating system Exploitation Survey | ||
| * [Popular Android Exploits](http://gauss.ececs.uc.edu/Courses/c653/lectures/PDF/security.pdf) - Introduction to Android Exploits. | ||
| * [Own your Android! Yet Another Universal Root](https://www.blackhat.com/docs/us-15/materials/us-15-Xu-Ah-Universal-Android-Rooting-Is-Back-wp.pdf) - Android root exploitation | ||
| * [ASDC12-Smart_Bombs_Mobile_Vulnerability_and_Exploitation](https://www.owasp.org/images/9/95/ASDC12-Smart_Bombs_Mobile_Vulnerability_and_Exploitation.pdf) - Mobile Vulnerability Exploitation | ||
| * [BlueBorne - Android Exploit](https://go.armis.com/hubfs/BlueBorne%20-%20Android%20Exploit.pdf) - Exploiting an RCE Over the Air | ||
| * [BlueBorne - Android Exploit](https://go.armis.com/hubfs/BlueBorne%20-%20Android%20Exploit.pdf) - Exploiting an RCE Over the Air | ||
| * [EVOLUTION OF ANDROID EXPLOITS](https://www.virusbulletin.com/uploads/pdf/conference_slides/2014/SzalayChandraiah-VB2014.pdf) - Evolution of Android exploits from a statistical analysis tool perspective | ||
| * [Hacking Androids for Fun and for Profit](https://conference.hitb.org/hitbsecconf2011kul/materials/D1T1%20-%20Riley%20Hassell%20-%20Exploiting%20Androids%20for%20Fun%20and%20Profit.pdf) - Android Exploitation |