Android Security and Forensics DevLab

According to StatCounter, the Android operating system has a global market share of 43.23% (as of May 2022). This is larger than that of any other operating system, including Windows. However, despite the ubiquitous nature of Android, it is still something of a "black box" to many, who have a very limited understanding of its inner workings.

 

This DevLab will explore the Android operating system, as well as existing tools and resources that can be used to investigate the operating system from security and digital forensics perspectives.

Suggested Aims

  • To create and publish a series of curated and well-documented Android security and forensics labs that can be used by contributors.
     

  • To design labs and activities using tools and resources that are open source, free to access, and free to use.

Suggested Objectives

  • Establish a shared online project space for collaboration
     

  • Assign roles and responsibilities to participants
     

  • Identify and collate links to existing open source Android forensics tools and resources
     

  • Establish test environments for evaluating and benchmarking tools and their performance.
     

  • Test and document identified tools and resources where required.
     

  • Evaluate Android VM performance in both VMware and VirtualBox
     

  • Investigate purchasing previously owned phones as an option for accessing affordable devices.
     

  • Create or source deep dive Android OS guides.
     

  • Conduct user testing of labs and resources that are an outcome of this project.
     

  • Make resources available to contributors.
     


Examples of Resources and Technologies that could feature in this DevLab

Android Security Model:
https://source.android.com/security

 

Apktool:

https://www.kali.org/tools/apktool/
 

APK Easy Tool:

https://forum.xda-developers.com/t/tool-windows-apk-easy-tool-v1-59-2-2021-04-03.3333960/
 

Android-x86 Virtual Machine:

https://www.android-x86.org/
 

MSFvenom:

https://docs.metasploit.com/docs/using-metasploit/basics/how-to-use-msfvenom.html
 

MobSF:

https://github.com/MobSF
 

Drozer:

https://labs.f-secure.com/tools/drozer/#nav
 

Autopsy aLEAPP:

https://www.autopsy.com/yara-android-aleapp-domains-and-more-in-4-18-0/
 

QARK Android App Vulnerability Scanning Tool:

https://github.com/linkedin/qark/
 

OWASP Android Security Inspector Toolkit: 

https://owasp.org/www-project-android-security-inspector-toolkit/
 

OWASP Mobile Security Project:

https://owasp.org/www-project-mobile-security/

 

Getting Started

If you have the time and enthusiasm to become an active contributor to this DevLab, you can click the button below to request access.

IMPORTANT NOTE: DevLabs are only available to teachers and lecturers; therefore, you will need to subscribe to this DevLab with an institutional email address. Access will not be made available for @gmail, @hotmail, @live, etc. email addresses.