Android-Security-Roadmap

Prerequisites

Programing languages

• Java : [ 1 ] - [ 2 ] - [ 3 ] - [ 4 ]
• Kotlin : [ 1 ] - [ 2 ]
• XML : [ 1 ] - [ 2 ]
• C / C++
• Smali : [ 1 ] - [ 2 ] - [ 3 ] - [ 4 ]
• Assembly : [ 1 ] - [ 2 ] - [ 3 ] - [ 4 ]

Networking

• OCI Model : [ 1 ] - [ 2 ]
• TCP / IP
• DNS
• HTTP
• SSL / TLS
• Proxy

Cryptography

• Encryption
• Hashing
• MAC
• RSA
• AES

Android Design & Architecture

• Linux Kernel
• HAL
• Native Library
• Android Runtim
• Java API
• System App
• IPC
• binder
• Dalvik VM
• SandBoxing
• User & group
• Filesystem / Partition
• File
• Database
• Sqlite : [ 1 ] - [ 2 ]
• Room : [ 1 ] - [ 2 ]
• Realm : [ 1 ] - [ 2 ]
• Sharedprefrence : [ 1 ] - [ 2 ]

Permissions

• Aplication level : [ 1 ]
• protection levels
• Custom Permission

Application Components

• Activity : [ 1 ]
• Service : [ 1 ]
• Broadcast Reciever : [ 1 ]
• Content Provider : [ 1 ]
• Manifest : [ 1 ]
• Intent : [ 1 ] - [ 2 ]

Core Api

• Cryptography : [ 1 ]
• Interacting with Other Apps : [ 1 ]
• User Interface : [ 1 ]
• Images and graphics : [ 1 ]
• Audio & Video : [ 1 ]
• background processing : [ 1 ]
• App data and files : [ 1 ]
• Touch and input : [ 1 ]
• Sensors : [ 1 ]
• Connectivity : [ 1 ]

Server Interaction

• Confidentiality & Authentication
• HTTP Library
• OkHttp
• Volley
• Retrofit
• Burp Suite
• SSL Pinning
• Certificate Validation
• Proxy & Sniffer for HTTP Traffic
• SSL / TLS Implementation

Static Analysis

• APK Development Process
• APK Structure : [ 1 ]
• Decompiling
• JADX
• APKtool
• Code Patching
• Native Code
• Decompiling
• Disassembling
• Ghidra
• IDA

Dynamic Analysis

• Stack trace
• Hooking
• Debuging
• ADB
• Emulator
• Genymotion
• AVD
• Bluestack
• Detection / Bypass
• Virtual-machine
• SSL-pin
• Rooting
• Tools
• Frida
• Drozer
• Objection
• Xposed
• RMS
• MOBSF

Common Attacks

• Insecure Data Transmission
• Insecure IPC
• Permission Issue
• Insecure Data Storage
• Webview Issue
• Insecure Logs