Wiki

The droidsec.org Wiki collects and collates as much information relevant to Android security as possible. If you find something missing, please consider contributing.

For quick access, we have organized the types of information into the following categories:

  • Whitepapers - Android security and internals related papers
  • Tools - Useful tools for Android security research
  • Exploits - Vulnerabilities and exploits that affect Android
  • Crack-Mes - A list of Android crackmes (reversing challenges, etc.)
  • Miscellaneous - Other sites that aggregate Android security related content.
  • Books - A list of books focusing on Android Security/Malware

Whitepapers

  • Pulling a John Connor: Defeating Android Slides by Charlie Miller at ShmooCon 2009 (06th-08th February 2009)
  • A Look at a Modern Mobile Security Model: Google’s Android Slides by Jon Oberheide at CanSecWest 2009 (16th-20th March 2009)
  • Multiplatform Iphone/Android Shellcode, and other smart phone insecurities Slides by Alfredo Ortega & Nico Economou at CanSecWest 2009 (16th-20th March 2009)
  • Android Forensics Slides by Andrew Hoog at Mobile Forensics World 2009 (28th-29th May 2009)
  • Reconstructing Dalvik Applications (Google Android) Slides by Marc Schonefeld at SyScan 2009 (02nd-03rd July 2009)
  • Exploratory Android Surgery WP Slides by Jesse Burns at Black Hat USA 2009 (29th-30th July 2009)
  • Fuzzing the Phone in your Phone WP Slides by Charlie Miller & Collin Mulliner at Black Hat USA 2009 (29th-30th July 2009)
  • Reconstructing Dalvik applications Slides by Marc Schonefeld at HiTB Dubai 2010 (19th-22nd April 2010)
  • Android Hax Slides by Jon Oberheide at SummerCon 2010 (18th-20th June 2010)
  • More Bugs In More Places: Secure Development On Mobile Platforms Slides by David Kane-Parry at Black Hat USA 2010 (28th-29th July 2010)
  • These Aren’t the Permissions You’re Looking For Slides by Anthony Lineberry, David Luke Richardson & Tim Wyatt at Defcon 18 2010 (30th July - 01st August 2010)
  • Smartphones, Applications & Security Slides by Paul Sebastian Ziegler at HiTB KUL 2010 (13th-14th October 2010)
  • What’s Old Is New Again: An Overview Of Mobile Application Security Slides by Zach Lanier & Mike Zusman at SecTor 2010 (17th-19th October 2010)
  • Building Android Sandcastles in Android’s Sandbox WP Slides by Nils at Black Hat Abu Dhabi 2010 (08th-11th November 2010)
  • Smart Phones, Dumb Apps Slides by Dan Cornell at OWASP DC 2010 (11th November 2010)
  • Android: Reverse Engineering and Forensics Slides by Raphaël Rigo at DeepSec 2010 (25th-26th November 2010)
  • Popping Shell on A(ndroid)RM Devices WP Slides by Itzhak Avraham at BlackHat DC 2011 (18th-19th January 2011)
  • Team JOCH vs Android: The Ultimate Showdown Slides by Jon Oberheide and Zach Lanier at ShmooCon 2011 (05th-07th February 2011)
  • Beating up on Android - Practical Android Attacks Slides by Bas Alberts & Massimiliano Oldani at Infiltrate 2011 (16th-17th April 2011)
  • Popping Shell on A(ndroid)RM Devices Slides by Itzhak (Zuk) Avraham at HiTB AMS 2011 (19th-20th May 2011)
  • Don’t Root Robots Slides by Jon Oberheide & Zach Lanier at BSides Detroit 2011 (03rd-04th June 2011)
  • A framework for on-device privilege escalation exploit execution on Android Link 1 Link 2 by Sebastian Höbarth & Rene Mayrhofer at IWSSI 2011 (12th June 2011)
  • Taming Information-Stealing Smartphone Applications (on Android) Slides by Yajin Zhou, Xinwen Zhang, Xuxian Jiang & Vincent W. Freeh at TRUST 2011 (22nd-24th June 2011)
  • AndBug - A Scriptable Debugger for Android’s Dalvik Virtual Machine Slides by Scott Dunlop at Recon 2011 (08th-11th July 2011)
  • This is REALLY not the Droid you’re looking for WP Video 1 Video 2 APK File by Nicholas J. Percoco & Sean Schulte at Defcon 2011 (04th-07th August 2011)
  • Seven Ways to Hang Yourself with Google Android Slides Video 1 Video 2 by Yekaterina Tsipenyuk O’Neil & Erika Chin at Defcon 2011 (04th-07th August 2011)
  • Android malware is on the rise Slides by Timothy Armstrong at Virus Bulletin 2011 (05th-07th Oct 2011)
  • “I Know Kung-Fu!”: Analyzing Mobile Malware Slides by Alex Kirk at HiTB KUL 2011 (12th-13th October 2011)
  • Reversing Android Malware Slides by Mahmud Ab Rahman at HiTB KUL 2011 (12th-13th October 2011)
  • Exploiting Androids for Fun and Profit Slides by Riley Hassell at HiTB KUL 2011 (12th-13th October 2011)
  • Blackbox Android Slides by Marc Blanchou & Mathew Solnik at HiTB KUL 2011 (12th-13th October 2011)
  • Security Issues in Android Custom Rom’s Slides by Anant Shrivastava at c0c0n 2011 (17th Oct 2011)
  • “I Know Kung-Fu!”: Analyzing Mobile Malware Slides by Alex Kirk at H2HC 2011 (29th-30th October 2011)
  • How Security is Broken? : Android Internals and Malware Infection Possibility Slides by Tsukasa Oi at PacSec 2011 (09th-10th November 2011)
  • Yet Another Android Rootkit WP Slides by Tsukasa Oi at Black Hat Abu Dhabi 2011 (14th-15th December 2011)
  • Android: From Reversing to Decompilation WP Slides by Anthony Desnos & Geoffroy Gueguen at Black Hat Abu Dhabi 2011 (14th-15th December 2011)
  • Bypassing the Android Permission Model Slides by Georgia Weidman at Hack In Paris 2012 (18th-22nd June 2012)
  • Android Malware Heuristics EN JP by Masata Nishida at AVTOKYO 2012 (17th November 2012)
  • Android Mind Reading: Memory Acquisition and Analysis with DMD and Volatility Video Slides by Joe Sylve at Shmoocon 2012
  • Detecting Repackaged Smartphone Applications in Third-Party Android Marketplaces Slides by Wu Zhou, Yajin Zhou, Xuxian Jiang & Peng Ning at CODASPY 2012
  • Dissecting Android Malware: Characterization and Evolution Slides by Yajin Zhou & Xuxian Jiang at Oakland 2012
  • RiskRanker: Scalable and Accurate Zero-day Android Malware Detection Slides by Michael Grace, Yajin Zhou, Qiang Zhang, Shihong Zou & Xuxian Jiang at MOBISYS 2012
  • Sleeping Android : Exploit through Dormant Permission Requests Slides by James Sellwood at SPSM 2013 (28th August 2012)
  • Mobile Exploit Intelligence Project Slides Video by Dan Guido & Mike Arpaia at SOURCE Boston 2012 (19th April 2012)
  • The Heavy Metal That Poisoned the Droid WP Slides Video by Tyrone Erasmus at Black Hat Europe 2012
  • Dex Education: Practicing Safe Dex Slides by Tim Strazzere at Black Hat USA 2012 (26th July 2012)
  • Cracking Open the Phone: An Android Malware Automated Analysis Primer Slides by Armando Orozco & Grayson Milbourne at RSA Conference 2012
  • Deceiving Permissions - Rules for Android Malware Detection Slides by Vanja Svajcer at RSA Conference 2012
  • UI Redressing Attacks on Android Devices WP Slides by Marcus Niemietz at Black Hat Abu Dhabi 2012
  • Tackling the Android Challenge Slides by Joshua J. Drake at RuxconBreakpoint 2012
  • Reducing the Window of Opportunity for Android Malware Slides by Axelle Apvrille & Tim Strazzere at EICAR Conference (May 2012)
  • Guns and Smoke to Defeat Mobile Malware Slides by Axelle Apvrille at HashDays 2012 (November 2012)
  • Mapping & Evolution of Android Permissions Slides by Zach Lanier & Andrew Reiter at CounterMeasure 2012
  • Into The Droid - Gaining Access to Android User Data Slides by Thomas Cannon at Defcon 20 2012
  • Dissecting the Android Bouncer Slides by Jon Oberheide and Charlie Miller at SummerCon 2012
  • Physical Drive-by Downloads Slides by Kyle Osborn at DerbyCon 2012
  • Woodpecker - Systematic Detection of Capability Leaks in Stock Android Smartphones Slides by Michael Grace, Yajin Zhou, Zhi Wang, Xuxian Jiang at NDSS 2012
  • Android - Bytecode Obfuscation bringing x86 fuckups to dalvik Slides by Patrick Schulz
  • Android Application Reverse Engineering & Defenses Slides by Patrick Schulz & Felix Matenaar at SOURCE Dublin 2013
  • Armor for your Android Apps Video by Roman Faynberg at Shmoocon 2013
  • Fast, Scalable Detection of “Piggybacked” Mobile Applications Slides by Wu Zhou, Yajin Zhou, Michael Grace, Xuxian Jiang & Shihong Zou at CODASPY 2013
  • Playing Hide and Seek with Dalvik Executables Slides by Axelle Apvrille at Hacktivity 2013
  • PatchDroid: Scalable Third-Party Security Patches for Android Devices Slides by Collin Mulliner, Jon Oberheide, William Robertson & Engin Kirda
  • Android OEM’s applications (in)security and backdoors without permission Slides by André Moulu
  • The Impact of Vendor Customizations on Android Security Slides by Lei Wu, Michael Grace, Yajin Zhou, Chiachih Wu & Xuxian Jiang at Computer and Communications Security 2013
  • An Android Hacker’s Journey: Challenges in Android Security Research Slides by Joshua J. Drake at CanSecWest 2013
  • Nifty stuff that you can still do with Android Slides by Xavier ‘xEU’ Martin at HES 2013 (2nd May 2013)
  • Android: From Rooting to Pwning Slides by Acexor at HackMiami 2013 (July 2013)
  • The Droid Exploitation SAGA Slides by ADITYA GUPTA & SUBHO HALDER at RSA Asia-Pacific Conference 2013
  • How to Build a SpyPhone WP Slides by Kevin McNamee at BlackHat USA 2013
  • Lets Play Applanting WP Slides by Ajit Hatti at BlackHat Europe 2013
  • Off Grid communications with Android WP Slides by Josh Thomas at BlackHat Europe 2013
  • Android: ONE ROOT TO OWN THEM ALL Slides by Jeff Forristal at BlackHat USA 2013
  • ABUSING WEB APIS THROUGH SCRIPTED ANDROID APPLICATIONS WP Slides by Daniel Peck at BlackHat USA 2013
  • Reversing and Auditing Android’s Proprietary Bits Slides by Joshua J. Drake at Recon 2013 (23rd June 2013)
  • Android games + free Wi-Fi = Privacy leak Slides by Takayuki Sugiura & Yosuke Hasegawa at PacSec 2013
  • Defeating the protection mechanism on Android platform  Slides by Tim Xia at PacSec 2013
  • Defeating Security Enhancements (SE) for Android Slides by Pau Oliva Fora at Defcon 2013
  • Playing Hide and Seek with Dalvik Executables Slides by Axelle Apvrille at Hack.Lu 2013 (October 2013)
  • Abusing Dalvik Beyond Recognition Slides by Jurriaan Bremer at Hack.Lu 2013 (October 2013)
  • GTA Phishing with permission Slides by Tom Leclerc and Joany Boutet at Hack.Lu 2013 (October 2013)
  • Android: Game of Obfuscation Slides by Jurriaan Bremer & Rodrigo Chiossi at H2HC 2013
  • Automated Analysis and Deobfuscation of Android Apps & Malware Slides by Jurriaan Bremer at AthCon 2013
  • Android DDI: Introduction to Dynamic Dalvik Instrumentation Slides by Collin Mulliner at HiTB KUL 2013 (October 2013)
  • TraceDroid: A Fast and Complete Android Method Tracer Slides by Victor van der Veen at HiTB KUL 2013 (October 2013)
  • DEX EDUCATION 201 ANTI-EMULATION Slides by Tim Strazzere at HITCON 2013 (19th July 2013)
  • Android Hooking Attack Slides by Minpyo Hong & Dongcheol Hong at HITCON 2013 (19th July 2013)
  • Review of Security Vulnerabilities on the Android Platform Slides by Claud Xiao at HITCON 2013 (19th July 2013)
  • Escaping Android Dynamic Analysis; Chinese New Year Train Ticket Ordering Day Slides by 趙閩 & 倪超 at HITCON 2013 (19th July 2013)
  • Droid Rage - Android exploitation on steroids Slides by Pablo Sole & Agustin Gianni at EkoParty 2013
  • TaintDroid - An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones Slides by William Enck, et. al at OSDI’10
  • Android Security Vulnerabilities and Exploits Slides by Justin Case at XDA Devcon 2013
  • Structural Detection of Android Malware using Embedded Call Graphs Slides by Hugo Gascon, Fabian Yamaguchi, Daniel Arp & Konrad Rieck at AiSec 2013
  • Detail of CVE-2013-4787(Master Key Vulnerability) Slides by Masata Nishida at AVTOKYO 2013.5 (16th February 2014)
  • Android Anti-forensics: Modifying CyanogenMod Link 1 Link 2 by Karl-Johan Karlsson, William Bradley Glisson at HICSS 2014 (Jan 2014)
  • Mobile Analysis Kung Fu, Santoku Style Slides by Andrew Hoog & Sebastián Guerrero at RSA Conference 2014 (24th-28th February)
  • Beginners Guide to Reverse Engineering Android Apps Slides by Pau Oliva Fora at RSA Conference 2014 (24th-28th February)
  • Touchlogger on iOS and Android Slides by Neal Hindocha & Nathan McCauley at RSA Conference 2014 (24th-28th February)
  • Predatory Hacking of Mobile: Real Demos Slides by Jeff Forristal at RSA Conference 2014 (24th-28th February)
  • Reverse Engineering, Pentesting and Hardening of Android Apps Slides by Marco Grassi at DroidCon 2014
  • DREBIN: Effective and Explainable Detection of Android Malware in Your Pocket Slides by Daniel Arp, Michael Spreitzenbarth, Malte Hubner, Hugo Gascon & Konrad Rieck at NDSS 2014 (23rd-26th Feb 2014)
  • Execute This! Analyzing Unsafe and Malicious Dynamic Code Loading in Android Applications Slides by Sebastian Poeplau, Yanick Fratantonio, Antonio Bianchi, Christopher Kruegel, Giovanni Vigna at NDSS 2014 (23rd-26th Feb 2014)
  • AppSealer: Automatic Generation of Vulnerability-Specific Patches for Preventing Component Hijacking Attacks in Android Applications Slides by Mu Zhang, Heng Yin at NDSS 2014 (23rd-26th Feb 2014)
  • SMV-Hunter: Large Scale, Automated Detection of SSL/TLS Man-in-the-Middle Vulnerabilities in Android Apps Slides by David Sounthiraraj, Justin Sahs, Zhiqiang Lin, Latifur Khan, Garrett Greenwood at NDSS 2014 (23rd-26th Feb 2014)
  • AirBag: Boosting Smartphone Resistance to Malware Infection Slides by Chiachih Wu, Yajin Zhou, Kunal Patel, Zhenkai Liang, Xuxian Jiang at NDSS 2014 (23rd-26th Feb 2014)
  • Inside Job: Understanding and Mitigating the Threat of External Device Mis-Binding on Android Slides by Muhammad Naveed, Xiaoyong Zhou, Soteris Demetriou, XiaoFeng Wang, Carl Gunter at NDSS 2014 (23rd-26th Feb 2014)
  • Screenmilker: How to Milk Your Android Screen for Secrets Slides by Chia-Chi Lin, Hongyang Li, Xiaoyong Zhou, XiaoFeng Wang at NDSS 2014 (23rd-26th Feb 2014)
  • PREC: Practical Root Exploit Containment for Android Devices Slides by Tsung-Hsuan Ho, Daniel Dean, Xiaohui Gu, William Enck at CODASPY 2014 (March 2014 )
  • Compac: Enforce Component Level Access Control in Android Slides by Yifei Wang, Srinivas Hariharan, Chenxi Zhao, Jiaming Liu and Wenliang Du at CODASPY 2014 (March 2014 )
  • DIVILAR: Diversifying Intermediate Language for Anti-Repackaging on Android Platform Slides by Wu Zhou, Zhi Wang, Yajin Zhou and Xuxian Jiang at CODASPY 2014 (March 2014 )
  • Systematic Audit of Thirty-Party Android Phones Slides by Michael Mitchell, Guanyu Tian and Zhi Wang at CODASPY 2014 (March 2014 )
  • DroidBarrier: Know What is Executing on Your Android Slides by Hussain Almohri, Danfeng Yao and Dennis Kafura at CODASPY 2014 (March 2014 )
  • Pre-installed Android application poisoning Link 1 Link 2 by Yoshitaka Kato at AppSecAsiaPac 2014 (17th-20th March 2014 )
  • Rage Against the Virtual Machine: Hindering Dynamic Analysis of Android Malware Link 1 Link 2 by Thanasis Petsas, Giannis Voyatzis, Elias Athanasopoulos, Sotiris Ioannidis, Michalis Polychronakis at EuroSec 2014 (13th April 2014 )
  • Pentesting Android Applications Slides by Cláudio André at Confraria Segurança PT 5/2014 (May 2014 )
  • From Zygote to Morula: Fortifying Weakened ASLR on Android Slides by Byoungyoung Lee, Long Lu, Tielei Wang, Taesoo Kim, Wenke Lee at Oakland 2014 (May 2014 )
  • Upgrading Your Android, Elevating My Malware: Privilege Escalation Through Mobile OS Updating Slides by Luyi Xing, Xiaorui Pan, Rui Wang, Kan Yuan, XiaoFeng Wang at Oakland 2014 (May 2014 )
  • The Peril of Fragmentation: Security Hazards in Android Device Driver Customizations Slides by Xiaoyong Zhou, Yeonjoon Lee, Nan Zhang, Muhammad Naveed, Xiaofeng Wang at Oakland 2014 (May 2014 )
  • Tricks for image handling in Android Slides by Tyrone Nicholas at DroidCon Berlin 2014 (08th-10th May 2014)
  • Post-Mortem Memory Analysis of Cold-Booted Android Devices Link 1 Link 2 by Christian Hilgers, Holger Macht, Tilo Muller, Michael Spreitzenbarth at IMF 2014 (12th-14th May 2014 )
  • Execute this! Looking into code-loading techniques on Android Slides by Sebastian Poeplau, Yanick Fratantonio, Antonio Bianchi, Christopher Kruegel, Giovanni Vigna at Honeynet Project Workshop 2014 (12th-14th May 2014 )
  • Exploiting the Bells and Whistles: Uncovering OEM Vulnerabilities in Android Slides by Jake Valletta at CarolinaCon 10 2014 (16th-18th May 2014 )
  • Enter Sandbox: Android Sandbox Comparison WP Slides by Sebastian Neuner, Victor van der Veen, Martina Lindorfer, Markus Huber, Georg Merzdovnik, Martin Mulazzani and Edgar Weippl at MOBILE SECURITY TECHNOLOGIES 2014 (17th May 2014 )
  • An Application Package Configuration Approach to Mitigating Android SSL Vulnerabilities Slides by Vasant Tendulkar and William Enck at MOBILE SECURITY TECHNOLOGIES 2014 (17th May 2014 )
  • Andlantis: Large-scale Android Dynamic Analysis WP Slides by Michael Bierma, Eric Gustafson, Jeremy Erickson, David Fritz and Yung Ryn Choe at MOBILE SECURITY TECHNOLOGIES 2014 (17th May 2014 )
  • A Systematic Security Evaluation of Android’s Multi-User Framework WP Slides by Paul Ratazzi, Yousra Aafer, Amit Ahlawat, Hao Hao, Yifei Wang and Wenliang Du at MOBILE SECURITY TECHNOLOGIES 2014 (17th May 2014 )
  • Sprobes: Enforcing Kernel Code Integrity on the TrustZone Architecture WP Slides by Xinyang Ge, Hayawardh Vijayakumar and Trent Jaeger at MOBILE SECURITY TECHNOLOGIES 2014 (17th May 2014 )
  • State of the Art - Exploring the New Android KitKat Runtime Slides by Paul Sabanal at HiTB Amsterdam 2014 (29th-30th May 2014 )
  • Evading Android Runtime Analysis via Sandbox Detection Slides by Timothy Vidas, Nicolas Christin at AsiaCCS 2014 (04th-06th June 2014 )
  • VirtualSwindle: An Automated Attack Against In-App Billing on Android Slides by Collin Mulliner, William Robertson, Engin Kirda at AsiaCCS 2014 (04th-06th June 2014 )
  • DroidRay: A Security Evaluation System for Customized Android Firmwares Slides by Min Zheng, Mingshen Sun, John C.S. Lui at AsiaCCS 2014 (04th-06th June 2014 )
  • APKLancet: Tumor Payload Diagnosis and Purification for Android Applications Slides by Wenbo Yang, Juanru Li, Yuanyuan Zhang, Yong Li, Junliang Shu, Dawu Gu at AsiaCCS 2014 (04th-06th June 2014 )
  • BREAKING THROUGH THE BOTTLENECK: MOBILE MALWARE IS OUTBREAK SPREADING LIKE WILDFIRE Slides (Password:HIP2014Thomas) by Thomas Wang at HackInParis 2014 (23rd-27th June 2014 )
  • Android Packers:Separating from the pack Slides by Ruchna Nigam at area41 Security Conference 2014 (June 2014 )
  • Advanced Bootkit Techniques on Android Slides by Chen Zhangqi & Shen Di at SyScan360 2014 (16th-17th July 2014 )
  • Click and Dragger: Denial and Deception on Android mobile Slides by thegrugq at SyScan360 2014 (16th-17th July 2014)
  • Android FakeID Vulnerability Walkthrough Slides by Jeff Forristal at BlackHat USA 2014 (06th-07th August 2014)
  • Understanding IMSI Privacy Slides by Ravishankar Borgaonkar & Swapnil Udar at BlackHat USA 2014 (06th-07th August 2014)
  • Sidewinder Targeted Attack Against Android In The Golden Age Of AD LIBS Slides by Tao Wei & Yulong Zhang at BlackHat USA 2014 (06th-07th August 2014)
  • Researching Android Device Security With The Help Of A Droid Army Slides by Joshua Drake at BlackHat USA 2014 (06th-07th August 2014)
  • Reflection On Trusting Trustzone WP Slides by Dan Rosenberg at BlackHat USA 2014 (06th-07th August 2014)
  • MyY Google Glass Sees Your Passwords! WP Slides by Xinwen Fu & Qinggang Yue & Zhen Ling at BlackHat USA 2014 (06th-07th August 2014)
  • Cellular Exploitation On A Global Scale: The Rise And Fall Of The Ccontrol Protocol Slides by Mathew Solnik & Marc Blanchou at BlackHat USA 2014 (06th-07th August 2014)
  • Android Hacker Protection Level 0 WP Source code by Tim Strazzere & Jon Sawyer at Defcon 22 2014 (07th-10th August 2014)
  • ASM: A Programmable Interface for Extending Android Security Slides by Stephan Heuser, Adwait Nadkarni, William Enck, Ahmad-Reza Sadeghi at 23rd USENIX Security Symposium (20th-22th August 2014)
  • Peeking into Your App without Actually Seeing it: UI State Inference and Novel Android Attacks Slides by Qi Alfred Chen, Zhiyun Qian, Z. Morley Mao at 23rd USENIX Security Symposium (20th-22th August 2014)
  • Insecure Internal Storage in Android WP Source code by Claud Xiao at Hitcon 2014 (19th-22th August 2014)
  • Guess Where I am-Android模拟器躲避的检测与应对 WP Source code by 胡文君 & Claud Xiao at Hitcon 2014 (19th-22th August 2014)
  • On the Feasibility of Automa3cally Generating Android Component Hijacking Exploits Slides by Wu Daoyuan at Hitcon 2014 (19th-22th August 2014)
  • Play Flappy Bird while you pentest Android in style Slides by Chris Liu & Matthew Lionetti at Hitcon 2014 (19th-22th August 2014)
  • Android 頑固木馬常見手法與清理 Slides by 趙閩 at Hitcon 2014 (19th-22th August 2014)
  • Find your own Android kernel bug Slides by 方家弘 at 「Android root 技术沙龙」 2014 (23rd August 2014)
  • root 的黑白事儿 Slides by Mick at 「Android root 技术沙龙」 2014 (23rd August 2014)
  • root技术与Android应用开发 Slides by 涂勇策 at 「Android root 技术沙龙」 2014 (23rd August 2014)
  • 瞬间爆炸!Root掉你的手机 Slides by 申迪 at 「Android root 技术沙龙」 2014 (23rd August 2014)
  • Bypassing wifi pay-walls with Android Slides by Pau Oliva Fora at RootedCon 2014 (19th-20th September 2014)
  • A distributed approach to malware analysis Link 1 Link 2 by Daan Raman at BruCON 0x06 - 2014 (25th-26th September 2014)
  • Advanced Tracing and Monitoring of Android Applications Slides by Zsombor Kovács penetration tester, Gergő Köpenczei at Hacktivity 2014 (10th-11th October 2014)
  • Enter The Snapdragon! Slides by Daniel Komaromy at Hacktivity 2014 (10th-11th October 2014)
  • Android Forensics: The Joys of JTAG Slides by tty0x80 at Ruxcon 2014 (11th-12th October 2014)
  • TACKYDROID: Pentesting Android Applications in Style slides by Chris Liu & Matthew Lionetti at HiTB KUL 2014 (15th-16th October 2014)
  • BREAKING “SECURE” MOBILE APPLICATIONS Slides by Dominic Chell at HiTB KUL 2014 (15th-16th October 2014)
  • Hide Android Applications in Images WP Slides by Axelle Apvrille & Ange Albertini at BlackHat Europe 2014 (14th-17th October 2014)
  • MAN IN THE BINDER: HE WHO CONTROLS IPC, CONTROLS THE DROID WP Slides by Nitay Artenstein & Idan Revivo at BlackHat Europe 2014 (14th-17th October 2014)
  • Mobile Hacking – Reverse Engineering the Android OS Slides by Tom Updegrove at HackerHalted 2014 (16th-17th October 2014)
  • Vaccinating Android Slides by Milan Gabor & Danjel Grah at GrrCon 2014 (16th-17th October 2014)
  • Making Android’s Bootable Recovery Work For You Slides by Drew Suarez at EkoParty 2014 (29th-31st October 2014)
  • An Infestation of Dragons: Exploring Vulnerabilities in the ARM TrustZone Architecture Slides by Josh “m0nk” Thomas, Charles Holmes & Nathan Keltner at PacSec Japan 2014 (12th-13th November 2014)
  • Hey, we catch you - dynamic analysis of Android applications Slides by Wenjun Hu at PacSec Japan 2014 (12th-13th November 2014)
  • Steroids for your App Security Assessment Slides by Marco Grassi at ZeroNights 2014 (13th-14th November 2014)
  • Racing with DROIDS Slides by Peter Hlavaty at ZeroNights 2014 (13th-14th November 2014)
  • Countering mobile malware in CSP’s network Android honeypot as anti-fraud solution Slides by Denis Gorchakov, Nikolay Goncharov at ZeroNights 2014 (13th-14th November 2014)
  • Creating a kewl and simple Cheating Platform on Android Slides by Milan Gabor & Danijel Grah at DeepSec 2014 (18th-21st November 2014)
  • Information-Flow Analysis of Android Applications in DroidSafe Slides by Michael I. Gordon, Deokhwan Kim, Jeff Perkins, Limei Gilham, Nguyen Nguyen and Martin Rinard at NDSS Symposium 2015 (08th-11th February 2015)
  • What’s in Your Dongle and Bank Account? Mandatory and Discretionary Protection of Android External Resources Slides by Soteris Demetriou, Xiaoyong Zhou, Muhammad Naveed, Yeonjoon Lee, Kan Yuan, XiaoFeng Wang and Carl A Gunter at NDSS Symposium 2015 (08th-11th February 2015)
  • EdgeMiner: Automatically Detecting Implicit Control Flow Transitions through the Android Framework Slides by Yinzhi Cao, Yanick Fratantonio, Antonio Bianchi, Manuel Egele, Christopher Kruegel, Giovanni Vigna and Yan Chen at NDSS Symposium 2015 (08th-11th February 2015)
  • CopperDroid: Automatic Reconstruction of Android Malware Behaviors Slides by Kimberly Tam, Salahuddin J. Khan, Aristide Fattori and Lorenzo Cavallaro at NDSS Symposium 2015 (08th-11th February 2015)
  • DeepDroid: Dynamically Enforcing Enterprise Policy on Android Devices Slides by Xueqiang Wang, Kun Sun, Yuewu Wang and Jiwu Jing at NDSS Symposium 2015 (08th-11th February 2015)
  • Android Malware and Analysis Video by Shane Hartman at BSides Tampa 2015 (21st February 2015)
  • Watch you lookin’ at? Slides by Jahmel Harris & Owen Evans at Securi-Tay 2015 (27th February 2015)
  • On Relaying NFC Payment Transactions using Android devices Slides by Ricardo J. Rodríguez y & José Vila at RootedCon 2015 (05th-07th March 2015)
  • Android: Back to the Future, Two or Too Slides by Raúl Siles at RootedCon 2015 (05th-07th March 2015)
  • DABID: The Powerful Interactive Android Debugger For Android Malware Analysis Slides by Jin-hyuk Jung & Jieun Lee at BlackHat Asia 2015 (26th-27th March 2015)
  • Hiding Behind Android Runtime (ART) Slides WP by Paul Sabanal at BlackHat Asia 2015 (26th-27th March 2015)
  • Relaying EMV Contacless Transactions Using Off-The-Shelf Android Devices Slides WP by Jordi Van den Breekel at BlackHat Asia 2015 (26th-27th March 2015)
  • Resurrecting The READ_LOGS PERMISSION On Samsung Devices Slides WP by Ryan Johnson & Angelos Stavrou at BlackHat Asia 2015 (26th-27th March 2015)
  • We Can Still Crack You! General Unpacking Method For Android Packer (NO ROOT) Slides by Yeongung Park at BlackHat Asia 2015 (26th-27th March 2015)
  • Fuzzing the Media Framework in Android Slides by Alexandru Blanda at Android Builders summit 2015 (23th-25th March 2015)
  • Android OTA Updates Slides by Andrew Boie at Android Builders summit 2015 (23th-25th March 2015)
  • Lollipop MR1 Verified Boot Slides by Andrew Boie at Android Builders summit 2015 (23th-25th March 2015)
  • Grab’n Run, a simple and effective Java Library for Android projects to secure dynamic code loading Slides Project by Luca Falsina at DroidCon Italy 2015 (09th-10th April 2015)
  • Android Security - Data from the Frontlines Slides by Adrian Ludwig at RSA Conference 2015 (20th-24th April 2015)
  • How We Discovered Thousands of Vulnerable Android Apps in 1 Day Slides by Joji Montelibano & Will Dormann at RSA Conference 2015 (20th-24th April 2015)
  • But… It’s an App/Play Store Download: Research Exposes Mobile App Flaws Slides by Andrew Hoog & Ryan Welton at RSA Conference 2015 (20th-24th April 2015)
  • Live Mobile Hacking Demo and Dissection! Slides by Lior Ben-Porat, Rotem Salinas & Jason Rader at RSA Conference 2015 (20th-24th April 2015)
  • Digging for Android Kernel Bugs Slides by James Fang & Sen Nie at Qualcomm Mobile Security Summit 2015 (30th April to 1st May 2015)
  • Android App “Protection” Slides by Tim “diff” Strazzere & Jon “Justin Case” Sawyer at Qualcomm Mobile Security Summit 2015 (30th April to 1st May 2015)
  • Bypassing Android Binary Protections Slides by Julian Berton at WAHCKon[2] Perth 2015 Conference (2nd-3rd May 2015)
  • Android malware code reuse: myths and reality Video by Natalia Stakhanova at 2015 Honeynet Project Workshop (18th-20th May 2015)
  • Mobile Inception: a look inside modern espionage malware Video by Ryan Smith at 2015 Honeynet Project Workshop (18th-20th May 2015)
  • How to Root 10 Million Phones with one Exploit Slides by James Fang at MoSec 2015 (05th June 2015)
  • What Can You Do To An APK Without Its Private Key Except Repacking? WP Slides by Peng Xiao at Blackhat Mobile Security Summit London 2015 (20th-21st June 2015)
  • Abusing Android Apps And Gaining Remote Code Execution Slides by Ryan Welton at Blackhat Mobile Security Summit London 2015 (20th-21st June 2015)
  • Deconstructing KONY Android Apps WP Slides by Chris Weedon at Blackhat Mobile Security Summit London 2015 (20th-21st June 2015)
  • Inspecting Data From The Safety Of Your Trusted Execution Environment WP Slides by John Williams at Blackhat Mobile Security Summit London 2015 (20th-21st June 2015)
  • Mobile Malware - A Network View WP Slides by Kevin McNamee at Blackhat Mobile Security Summit London 2015 (20th-21st June 2015)
  • Man in the (Android) Middleware Slides by Damien Cauquil at Nuit Du Hack 2015 (20th-21st June 2015)
  • Criminal Profiling: Android Malware Slides by Axelle Apvrille at Nuit Du Hack 2015 (20th-21st June 2015)
  • HITB LAB: Attacking Android Apps Slides by Tony Trummer at HiTB Amsterdam 2015 (28th-29th June 2015)
  • Relay Attacks in EMV Contactless Cards with Android OTS Devices WP Slides by Ricardo J. Rodríguez & Pepe Vila at HiTB Amsterdam 2015 (28th-29th June 2015)
  • Fuzzing Objects d’ART: Digging Into the New Android L Runtime Internals WP Slides by Anestis Bechtsoudis at HiTB Amsterdam 2015 (28th-29th June 2015)
  • Eight Ou Two Mobile WP Slides by Matias Eissler at HiTB Amsterdam 2015 (28th-29th June 2015)
  • Opcodes in Google Play: Tracing Malicious Applications Slides by Dr. Alfonso Muñoz & Sergio de los Santos at HiTB Amsterdam 2015 (28th-29th June 2015)
  • Is my app Secure? Slides by Cláudio André & Herman Duarte at Bsides Lisbon 2015 (3rd July 2015)
  • Android混淆技巧与反混淆 Slides by 小波 at 2015阿里安全峰会 (09th-10th July 2015)
  • 内存喷射在安卓Root利用中 Slides by 陈良 at 2015阿里安全峰会 (09th-10th July 2015)
  • Android 应用程序通用自动脱壳方法研究 Slides by GoSSIP_SJTU at 乌云2015年白帽子大会 Wooyun Summit 2015 (17th-18th July 2015)
  • AH! UNIVERSAL ANDROID ROOTING IS BACK WP Slides by Wen Xu at Defcon 23 (05th-06th August 2015)
  • ATTACKING YOUR TRUSTED CORE: EXPLOITING TRUSTZONE ON ANDROID WP Slides by Di Shen at Defcon 23 (05th-06th August 2015)
  • CERTIFI-GATE: FRONT-DOOR ACCESS TO PWNING MILLIONS OF ANDROIDS WP Slides by Ohad Bobrov & Avi Bashan at Defcon 23 (05th-06th August 2015)
  • FAUX DISK ENCRYPTION: REALITIES OF SECURE STORAGE ON MOBILE DEVICES WP by Daniel Mayer & Drew Suarez at Defcon 23 (05th-06th August 2015)
  • FINGERPRINTS ON MOBILE DEVICES: ABUSING AND LEAKING WP Slides by Yulong Zhang & Tao Wei at Defcon 23 (05th-06th August 2015)
  • FUZZING ANDROID SYSTEM SERVICES BY BINDER CALL TO ESCALATE PRIVILEGE WP Slides by Guang Gong at Defcon 23 (05th-06th August 2015)
  • STAGEFRIGHT: SCARY CODE IN THE HEART OF ANDROID Slides by Joshua Drake at Defcon 23 (05th-06th August 2015)
  • THIS IS DEEPERENT: TRACKING APP BEHAVIORS WITH (NOTHING CHANGED) PHONE FOR EVASIVE ANDROID MALWARE Slides by Yeongung Park & Jun Young Choi at Defcon 23 (05th-06th August 2015)
  • QARK Slides by Tony Trummer & Tushar Dalvi at Defcon 23 (06th-09th August 2015)
  • Security Auditing Mobile Apps Slides by Sam Bowne at Defcon 23 (06th-09th August 2015)
  • Own Your Android! Yet Another Universal Root WP by Wen Xu & Yubin Fu at WOOT 2015 (08th-11th August 2015)
  • One Class to Rule Them All: 0-Day Deserialization Vulnerabilities in Android WP by Or Peles and Roee Hay at WOOT 2015 (08th-11th August 2015)
  • New acquisition method based on firmware update protocols for Android smartphones WP by Seung Jei Yang, Jung Ho Choi, Ki Bom Kim & Tae Joo Chang at DFRWS 2015 (09th-13th August 2015)
  • Network and device forensic analysis of Android social-messaging applications WP by Daniel Walnycky, Ibrahim Baggili, Andrew Marrington, Frank Breitinger & Jason Moore at DFRWS 2015 (09th-13th August 2015)
  • EASEAndroid: Automatic Policy Analysis and Refinement for Security Enhanced Android via Large-Scale Semi-Supervised Learning WP by Ruowen Wang, William Enck, Douglas Reeves, Xinwen Zhang, Peng Ning, Dingbang Xu, Wu Zhou, & Ahmed M. Azab at 24th USENIX Security Symposium (12th-14th August 2015)
  • Android Permissions Remystified: A Field Study on Contextual Integrity WP by Primal Wijesekera, Arjun Baokar, Ashkan Hosseini, Serge Egelman, David Wagner & Konstantin Beznosov at 24th USENIX Security Symposium (12th-14th August 2015)
  • You Shouldn’t Collect My Secrets: Thwarting Sensitive Keystroke Leakage in Mobile IME Apps WP by Jin Chen, Haibo Chen, Erick Bauman, Zhiqiang Lin, Binyu Zang & Haibing Guan at 24th USENIX Security Symposium (12th-14th August 2015)
  • Boxify: Full-fledged App Sandboxing for Stock Android WP by Michael Backes, Sven Bugiel, Christian Hammer, Oliver Schranz & Philipp von Styp-Rekowsky at 24th USENIX Security Symposium (12th-14th August 2015)
  • LinkDroid: Reducing Unregulated Aggregation of App Usage Behaviors WP by Huan Feng, Kassem Fawaz, & Kang G. Shin at 24th USENIX Security Symposium (12th-14th August 2015)
  • PowerSpy: Location Tracking Using Mobile Device Power Analysis WP by Yan Michalevsky, Aaron Schulman, Gunaa Arumugam Veerapandian, Dan Boneh, & Gabi Nakibly at 24th USENIX Security Symposium (12th-14th August 2015)
  • Towards Discovering and Understanding Task Hijacking in Android WP by Chuangang Ren, Yulong Zhang, Hui Xue, Tao Wei &Peng Liu at 24th USENIX Security Symposium (12th-14th August 2015)
  • SELinux in Android Lollipop and Android M Slides by Stephen Smalley at LSS2015 (25th August 2015)
  • ioctl command whitelisting in SELinux Slides by Jeff Vander Stoep at LSS2015 (25th August 2015)
  • IMA/EVM on Android Device Slides by Dmitry Kasatkin at LSS2015 (25th August 2015)
  • Improving mobile security with forensics, app analysis and big data Slides Video by Andrew Hoog at Android Security Symposium (09th-11th September 2015)
  • Android security architecture Slides Video by Nikolay Elenkov at Android Security Symposium (09th-11th September 2015)
  • Lessons from the trenches: An inside look at Android security Slides Video by Nick Kralevich at Android Security Symposium (09th-11th September 2015)
  • Human factors in anonymous mobile communication Slides Video by Svenja Schröder at Android Security Symposium (09th-11th September 2015)
  • Continuous risk-aware multi-modal authentication Slides Video by Daniel Hintze, Rainhard Findling & Muhammad Muaaz at Android Security Symposium (09th-11th September 2015)
  • Assessing Android applications using command-line fu Slides Video by Pau Oliva Fora at Android Security Symposium (09th-11th September 2015)
  • An infestation of dragons: Exploring vulnerabilities in the ARM TrustZone architecture Slides Video by Josh Thomas & Charles Holmes at Android Security Symposium (09th-11th September 2015)
  • Using Android security for governmental PKI: Opportunities and challenges Slides by Pekka Laitinen at Android Security Symposium (09th-11th September 2015)
  • Secure elements for you and me: A model for programmable secure hardware in mobile ecosystems Slides Video by Alexandra Dmitrienko at Android Security Symposium (09th-11th September 2015)
  • Mobile threats incident handling Slides Video by Yonas Leguesse at Android Security Symposium (09th-11th September 2015)
  • ANANAS - ANalyzing ANdroid ApplicationS Slides by Dieter Vymazal at Android Security Symposium (09th-11th September 2015)
  • How Google killed two-factor authentication Slides Video by Victor van der Veen at Android Security Symposium (09th-11th September 2015)

Tools

Debugging

Virtual Machines (vms)

  • Android-vm – provisions ubuntu VM w/ ADT & ADK with Vagrant

Application Level Stuff

Bootloader/Radio Tools

Android Market Downloaders

Exploits

Root Exploits

Core System Exploits

Other Exploits

Crack-Mes

Miscellaneous

Books