Upcoming Hackers

Let's Hack Together

Android Penetration Testing Mobile Penetration Testing

Android Pentesting Setup : Step by Step Guide

ByPranshu

Apr 15, 2024

In today’s digital landscape, where mobile applications have become an integral part of our daily lives, ensuring their security is paramount. Android, being the most widely used mobile operating system, is a prime target for attackers. This is where Android application penetration testing comes into play. It’s a proactive approach to identify and mitigate vulnerabilities before they’re exploited by malicious actors. Let’s dive into the depths of Android app penetration testing to understand its significance and how it’s conducted.

Pre-Requisite for Setup

For Windows

  1. Emulator (Genymotion / Nox / Android Studio )
  2. ADB ( Android Debug Bridge )
  3. Python
  4. Frida ( pip install frida-tools )
  5. Frida Server for Android
  6. Objection ( pip install objection )
  7. Burpsuite
  8. Frida Script : RootDetectionBypass
  9. Frida Script : SSLPinningBypass

For Linux

  1. Emulator (Genymotion / Nox / Android Studio )
  2. ADB ( apt install adb -y )
  3. Python ( sudo apt install python3 -y )
  4. Frida ( pip install frida-tools )
  5. Frida Server for Android
  6. Objection ( pip install objection )
  7. Burpsuite
  8. Frida Script : RootDetectionBypass
  9. Frida Script : SSLPinningBypass

Let’s Setup Genymotion

  • Once Genymotion is installed, open Genymotion and click on + icon on the top right corner.
  • Now it will open a new window, where you can select the device model you want to install.
  • After selecting the Android Device, we need to configure which android version we want it to be.
  • I am going to install “Android-10” for the setup. After this just click on Next and always select “NAT” for Network Mode and click on Install.
  • Now, it will take sometime to install, once install we will get a notification on the top right corner to start the device.
  • Let’s start and setup our android device.

Lets Setup Burpsuite with Android Device

  • Open Burp Suite & click Settings to open the Settings dialog.
  • Go to Tools > Proxy.
  • In Proxy Listeners, click Add.
  • In the Binding tab, set Bind to port 8080 (or another port that is not in use).
  • Select All Interfaces and click OK.

Discover more from Upcoming Hackers

Subscribe to get the latest posts sent to your email.

Related Post

Android Penetration Testing Lab & Tools Setup

How to Setup GNU Debugger

Apr 23, 2024 Pranshu
Android Penetration Testing Mobile Penetration Testing

Debugging Android Application using GNU Debugger

Apr 23, 2024 Pranshu

Discover more from Upcoming Hackers

Subscribe now to keep reading and get access to the full archive.

Continue reading