Meet the DIVA - by: Sandeep & Ankit
Report
OWASP DelhiFollow
Security Researcher at Adobe, Chapter Leader at OWASP & nullJun. 24, 2016•0 likes•317 views
Meet the DIVA - by: Sandeep & Ankit
Jun. 24, 2016•0 likes•317 views
Download to read offline
Report
Internet
This Presentation is all about Damn Insecure & Vulnerable App
OWASP DelhiFollow
Security Researcher at Adobe, Chapter Leader at OWASP & nullRecommended
Building Custom Android Malware BruCON 2013Stephan Chenette
Consulthink @ GDG Meets U - L'Aquila2014 - Codelab: Android Security -Il ke...Consulthinkspa
Telecommuting 101 - Tips and Tricks for working from homeSeth Fendley
Matkifountaindirect
Software TestingAJEET KUMAR YADAV
Setting up a cost effective Application Security program from scratch by Tusn...OWASP Delhi
More Related Content
Viewers also liked
Affordable app sec for startups by - Sandeep Singh, Vaibhav Gupta and Vishal ...OWASP Delhi
IzzuddinDinGea
Civic sportsJack740
перелік комплексних навчально тематичних екскурсійbiblioteka_c
سمینار آشنائی Ims Meisam J Moghadam
Visualizing Critique: Strategies for Critical ReflectionMhermano
Similar to Meet the DIVA - by: Sandeep & Ankit
Null mumbai-Android-Insecure-Data-Storage-ExploitationNitesh Malviya
Code to Cloud Workshop.pptxJamie Coleman
Ii 1300-java essentials for androidAdrian Mikeliunas
Android application penetration testingRoshan Kumar Gami
Android security and penetration testing | DIVA | Yogesh OjhaYogesh Ojha
Android AttacksMichael Scovetta
More from OWASP Delhi
Getting Started With Hacking Android & iOS Apps? Tools, Techniques and resourcesOWASP Delhi
Securing dns records from subdomain takeoverOWASP Delhi
Effective Cyber Security Report WritingOWASP Delhi
Data sniffing over Air GapOWASP Delhi
UDP HunterOWASP Delhi
Demystifying Container EscapesOWASP Delhi
Recently uploaded
办理英国圣安德鲁斯大学毕业证原版一模一样uncesxy
Richard - IFIP Networking 2021 - Panel.pdfRichard Renwei Li
意大利意大利罗马一大毕业证、学位证原版制作vweuwx
澳洲阿伯泰邓迪大学毕业证学位证办理方法gonksoe
IDNOG 8: APNIC MeasurementsAPNIC
Automation Suite PPT (2).pptxRohitRadhakrishnan8
![毕业证靠谱[办理莱斯利大学毕业证文凭学历认证]](https://cdn.slidesharecdn.com/ss_thumbnails/615-degree-2408223615-230825124716-9dfee7b2-thumbnail.jpg?width=2048&height=1162&fit=bounds)
Meet the DIVA - by: Sandeep & Ankit
- DIVA (Damn insecure and vulnerable App) is an Android App intentionally designed to be insecure The vulnerabilities exist from a developer’s perspective Source: https://github.com/payat u/diva-android Created by Aseem Jakhar
- Current Challenges include: ◦ Insecure Logging ◦ Hardcoding Issues – Part 1 ◦ Insecure Data Storage – Part 1 ◦ Insecure Data Storage – Part 2 ◦ Insecure Data Storage – Part 3 ◦ Insecure Data Storage – Part 4 ◦ Input Validation Issues – Part 1 ◦ Input Validation Issues – Part 2 ◦ Access Control Issues – Part 1 ◦ Access Control Issues – Part 2 ◦ Access Control Issues – Part 3 ◦ Hardcoding Issues – Part 2 ◦ Input Validation Issues – Part 3
- For the purpose of the walkthrough of the challenges we need the following tools: ◦ Genymotion or Android Studio AVD ◦ Dex2jar or jadx ◦ JD-GUI ◦ APKTOOL
- jadx –d out_folder diva.apk adb devices adb logcat adb shell cd, ls, ls –a, cat sqlite3 database_name select * from table_name;