This is a single day, technical, hands-on training that is focused around the general security architecture and different analysis techniques for Android. This is a course suited for security analysts and reverse engineers, as well as mobile application developers concerned with the security posture of their application.
We will address security by design principles applicable for mobile applications and deep-dive into concepts and techniques that can be used to analyze the security of mobile applications during hands-on exercises. We will use static and dynamic analysis techniques on sample applications to gain an understanding of how an application works without having access to the source code of the application. Using these techniques we build an understanding of how security was implemented and discuss what could be done to remediate weaknesses in the applications.
- Mobile developers
- Security engineers
- IT professionals
- IT auditors with interest in hacking
Participants should have fundamental insight into operating systems and have experience with Android, either as a developer of mobile applications, security tester, or reverse engineer.
- Android security architecture review:
- Android kernel
- Android runtime
- Application framework
- Application development basics
- Permission model
- Secure design principles
- Static analysis techniques
- Decompilation, disassembly and recompilation
- Usage of reverse engineering tools such as APKtool, enjarify and Procyon
- Dynamic analysis techniques
- SSL man-in-the-middle
- Sensitive data extraction
- (Intent) fuzzing
- Dynamic debugging and instrumentation
- Temporary rooting
- Capture the flag exercises
Deloitte Academy is an accredited training institute. We follow the guidelines of the NBA according to the new PE system as of January 1, 2021.
Deloitte Academy is accredited by Cedeo and has the NRTO label. For more information about our accreditation, please refer to our Permanent Education page.
Until four weeks before the start of the course you may cancel your participation by email free of charge. Should you cancel within four weeks before the start of the course you will have to pay the full course fee.
Deloitte Academy reserves the right to cancel a course if circumstances dictate. You will be informed of this as soon as possible.
For more information about our Terms and Conditions, please refer to our FAQ page.
If you have any questions, please contact us:
Phone number: 088-288 93 33
Cedric Van Bockhaven
Cedric works as a Red Team Operator in the Deloitte Cyber Secure team and performs projects across all sectors. He provides both internal and external trainings with a heavy focus on the technical side of security topics. Hackazon (Deloitte’s Capture the Flag platform) is Cedric’s creative outlet to create new technical hands-on cyber security exercises that can be solved participants. Cedric also organizes and facilitates these events. Cedric is a certified CISSP, GICSP, OSCP, OSCE, and followed trainings such as Corelan ADVANCED.