Android Tamer         ByAnant Shrivastavahttp://anantshri.info
Agenda●    Android and Security●    Tool set available Right Now●    Android Tamer VM       ●           Source Code Analys...
Android+40% Phone Market●+10% Tablet Market●Manufacturer support : LG,Samsung,SE &●moreSupported by Google●Linux Based●   ...
Why Security Review●    Emerging Market.●    Smart phones.●    Easily acessible●    Emerging Target for malware distributi...
How and What to perform●    We Need to perform      ●          Application / Platform / Protocol Testing      ●          M...
Whats the solution●    Define Some standards.      ●          OWASP is working on it.●    Design some ToolKit      ●      ...
PresentingAndroid Tamer                7
What is Android Tamer●    VM environment Giving you the freedom to     perform      ●          Application Pentesting     ...
Salient Features●    Based on Ubuntu 10.04 LTS●    All non needed software removed.●    Minimum mix of foreign repositorie...
Tools : Application Pentesting●    OWASP ZAP●    TSOCK Proxy●    Emulator configured with ZAP certificate.●    Custom Link...
Tools : Malware Analysis●    DroidBox●    APKInspector●    Apktool●    Dex2jar /JAD / DED / JD-GUI●    Smali / baksmali●  ...
Tools : ROM Analysis / Modification●    DSIXDA Android Kitchen●    Unyaffs2●    Split_bootimg●    DDMS●    Refer Tools : D...
Tools : Development●    Eclipse + ADT●    NDK●    CodeSourcery C++ lite●    ARM DS-5 CE                            13
Tools : Rooting tools●    Scripts        ●            Rageinthecage        ●            Psneuter        ●            Ginge...
Important Linkshttps://sourceforge.net/p/androidtamer/                               15
Future●    Plan to keep it going.●    Applications will be distributed using Tamer     Repository (preconfigured)●    Tool...
About Me               Anant Shrivastava                   CEH, RHCE      Interested in Android, Linux, Web 2.0           ...
Upcoming SlideShare
Loading in...5
×

Android Tamer (Anant Shrivastava)

4,654

Published on

ClubHack 2011 Hacking and Security Conference.
Talk - Android Tamer
Speaker - Anant Shrivastava

Published in: Technology
1 Comment
2 Likes
Statistics
Notes
No Downloads
Views
Total Views
4,654
On Slideshare
0
From Embeds
0
Number of Embeds
5
Actions
Shares
0
Downloads
78
Comments
1
Likes
2
Embeds 0
No embeds

No notes for slide

Android Tamer (Anant Shrivastava)

  1. 1. Android Tamer ByAnant Shrivastavahttp://anantshri.info
  2. 2. Agenda● Android and Security● Tool set available Right Now● Android Tamer VM ● Source Code Analysis ● Application Development ● Security Analysis Applications ● ROM analysis ● Code Injection● Demos 2
  3. 3. Android+40% Phone Market●+10% Tablet Market●Manufacturer support : LG,Samsung,SE &●moreSupported by Google●Linux Based● 3
  4. 4. Why Security Review● Emerging Market.● Smart phones.● Easily acessible● Emerging Target for malware distribution.● Simply Put whole PC malacious life cycle is getting repeated in Mobile Domain 4
  5. 5. How and What to perform● We Need to perform ● Application / Platform / Protocol Testing ● Malacious Apps / website testing ● Rom Analysis / Modification● How We perform ● Setup toolset on every machine and still no standards. 5
  6. 6. Whats the solution● Define Some standards. ● OWASP is working on it.● Design some ToolKit ● Basically we need BT style toolkit for android. 6
  7. 7. PresentingAndroid Tamer 7
  8. 8. What is Android Tamer● VM environment Giving you the freedom to perform ● Application Pentesting ● Malware Analysis ● Rom Modification (Core + kernel) ● ROM Analysis ● App / Malware / Native Code Development 8
  9. 9. Salient Features● Based on Ubuntu 10.04 LTS● All non needed software removed.● Minimum mix of foreign repositories to avoid upgrade issues.● Not just tool dump but integrated solution.● Browser bookmarks.● Tamer Repository configured to avoid re-download of complete VDI image. (contains only one package as of now) 9
  10. 10. Tools : Application Pentesting● OWASP ZAP● TSOCK Proxy● Emulator configured with ZAP certificate.● Custom Link Given to launch specific AVD.● DDMS configured 10
  11. 11. Tools : Malware Analysis● DroidBox● APKInspector● Apktool● Dex2jar /JAD / DED / JD-GUI● Smali / baksmali● androguard 11
  12. 12. Tools : ROM Analysis / Modification● DSIXDA Android Kitchen● Unyaffs2● Split_bootimg● DDMS● Refer Tools : Development and Malware analysis 12
  13. 13. Tools : Development● Eclipse + ADT● NDK● CodeSourcery C++ lite● ARM DS-5 CE 13
  14. 14. Tools : Rooting tools● Scripts ● Rageinthecage ● Psneuter ● Gingerbreak ● ZergRush● APK’s ● Z4root ● Superoneclick ● Universal Androot Note : tools provided AS-IS, usage is a responsibility of USER 14
  15. 15. Important Linkshttps://sourceforge.net/p/androidtamer/ 15
  16. 16. Future● Plan to keep it going.● Applications will be distributed using Tamer Repository (preconfigured)● Tools and Categories to add ● Agnitio: Source code review ● Forensics Section.● If you know some other cool tools that could be added send in a mail. 16
  17. 17. About Me Anant Shrivastava CEH, RHCE Interested in Android, Linux, Web 2.0 Member of Null and G4H●Email : anant@anantshri.info●Web : http://anantshri.info●Blog : http://blog.anantshri.info
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×