Android Pentesting

This repository contains hands-on training content for conducting Android app pentesting using some of the common Android pentesting tools.

Note: Currently, we are using the vulnerable Android app called VyAPI in all our examples presented here.

1. Environment Setup
2. Reverse Engineering
3. Identifying vulnerabilities using common tools
   1. Android Debug Bridge
   2. MobSF
   3. Drozer
4. Identifying technology-specific vulnerabilities
   • Amazon Cognito Authorization Issue