Open AYAN-AMBESH opened 4 months ago
Hey, looks good. Does mid-March work for you? (7 or 14)
Yes, it works for me.
7 March will be nice.
Hey, what's the update on presentation?
Hey, I have crafted the presentation in markdown format and I'm sending it below. I will be presenting it through slides (a program written in Go to showcase presentations in the terminal).
#
Scenario: A developer accidentally leaves their API key hardcoded within the Android application's code.
Static analysis: Identifies the presence of the hardcoded API key and flags it as a potential security vulnerability.
Benefit: This early detection allows the developer to address the issue before the app is released, preventing potential misuse of the API key.

Benefits in Android Development:
- Detects vulnerabilities that only manifest at runtime, such as unauthorized network access, attempts to tamper with device settings, and malware injection.
- Provides a more comprehensive security assessment compared to static analysis.

Limitations:
- Can be time-consuming and resource-intensive.
- May require additional setup and configuration.

Problem: Mobile apps are increasingly vulnerable to leaks of sensitive information like passwords, API keys, and user data.
Impact: These leaks can compromise user privacy, financial information, and internal systems.

Hardcoded Secrets: Embedding sensitive data directly in the app's code.
Example: A hardcoded secret key allowed decryption of encrypted data.

Insecure Logging: Inadvertently logging sensitive information through debugging tools like "adb logcat."
Example: Debuggers can reveal sensitive data logged during development or testing.

Finding the Process ID (PID):
Use adb shell ps -ef | grep

Secure Coding Practices:
- Avoid Hardcoding: Use environment variables or secure key storage mechanisms for sensitive data.

Log Management:
- Filter Logs: Capture only essential information.
- Centralized Logging: Use a system with access controls for sensitive logs.
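
Added example, not part of the original presentation or thread: a small static check in Python for the two leak sources named in the slides above, hardcoded secrets and sensitive values passed to `Log` calls, run over Java source. The regex heuristics, the `scan_source` function and the sample source are assumptions constructed for illustration.

```python
import re

# Heuristic name list (an assumption for this example, not an exhaustive rule set).
NAMES = r"api_?key|secret|token|passw(?:or)?d"
# An identifier with a sensitive-looking name assigned a string literal of 8+ chars.
SECRET_ASSIGN = re.compile(rf'\b(\w*(?:{NAMES})\w*)\s*=\s*"[^"]{{8,}}"', re.I)
# android.util.Log calls; the argument list is captured for inspection.
LOG_CALL = re.compile(r"\bLog\.[vdiwe]\s*\((.*)\)")
SENSITIVE = re.compile(NAMES, re.I)


def scan_source(name, text):
    """Return (file, line_no, rule, detail) findings for one source file."""
    findings = []
    for no, line in enumerate(text.splitlines(), 1):
        if line.strip().startswith("//"):
            continue  # skip single-line comments
        m = SECRET_ASSIGN.search(line)
        if m:
            # Report the identifier only, never the secret value itself.
            findings.append((name, no, "hardcoded-secret", m.group(1)))
        m = LOG_CALL.search(line)
        if m:
            hit = SENSITIVE.search(m.group(1))
            if hit:
                findings.append((name, no, "sensitive-log", hit.group(0)))
    return findings


# Constructed sample input (not taken from any real application).
SAMPLE = '''\
public class ApiClient {
    private static final String API_KEY = "sk_test_CONSTRUCTED_0000";
    // String OLD_SECRET = "commented-out-value";
    private final String apiKey = BuildConfig.API_KEY;
    void login(String user, String password) {
        Log.i("ApiClient", "login started for " + user);
        Log.d("ApiClient", "password=" + password);
    }
}
'''

if __name__ == "__main__":
    for finding in scan_source("ApiClient.java", SAMPLE):
        print("%s:%d: %s (%s)" % finding)
```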
Type
Talk
Location
Campus: Noida
About
Android Testing
Static and dynamic testing on Android APKs with a hands-on demonstration via a test application. Will also go through SMALI, but not in depth, as it's a big topic in itself.
Will go from Beginner to Advanced
Pre-requisites
Basic knowledge of Linux, programming (any language)
Duration
2 hours
Level
Beginner
Resources
Currently working on the presentation, will share it as soon as possible
Speakers
Ayan Ambesh Linkedin Github