Request a Demo Contact Us
Visit Us At Gartner Security & Risk Management Summit From June 5-7 At Booth #1059
Register Now

Finding Sensitive Data in Android Apps

 

Finding Sensitive Data in Android Apps


In this presentation, Nerdwell reviews common developer assumptions about mobile application security and explores ways in which these assumptions can be invalidated. We begin with a review of some new tools that streamline the bug bounty hunter’s Android hacking workflow. After that, we present tools and techniques for accessing, identifying, and extracting sensitive data from Android apps’ internal storage. Then we wrap up with a discussion of how to maximize the security impact of our findings for impactful bug bounty reports.

 

About the Author


Nerdwell is a systems and security engineer with a passion for bug bounty and vulnerability research. He currently works in critical infrastructure protection and has experience supporting technology in a variety of industries, ranging from manufacturing to healthcare. With over 20 years’ experiences, Nerdwell understands firsthand the challenges of building and supporting complex technology solutions securely. In addition to finding bugs and performing security research, Nerdwell enjoys networking and sharing knowledge with fellow hackers.

More resources

LevelUp

Overview of Common Android App Vulnerabilities

Learn More
LevelUp

Reverse Engineering with Binary Ninja

Learn More
Datasheet

Attack Surface Management Asset Inventory

Read More

Get Started with Bugcrowd

Every minute that goes by, your unknown vulnerabilities leave you more exposed to cyber attacks.