Information Gathering
Analyze traffic using burp
Install Apk in the androi emulator
Fire up burp suite and configure the proxy to listen to all interfaces on port 8081
Configure proxy settings in the android emulator WIFI settings to be your localip:8081
Install Certificate to your emulator by exporting the burp certificate -> rename it to
burp.cer
-> push it to the emulator viaadb push <PATH>
then install it to your devicerun app.py for your server and proxifiy traffic using burp and use all feature and collect all requests
Pulling apk from devices
Decompiling application
Analyze the code and android manifest.xml
subl base/AndroidManifest.xml
Use drozer to give you an overview about the application <how to do it>
run app.package.info -a com.android.insecurebankv2 run app.package.attacksurface com.android.insecurebannkv2
Last updated