{"product_id":"android-hackers-handbook-isbn-9781118608647","title":"Android Hacker's Handbook","description":"\u003cp\u003e\u003cb\u003eThe first comprehensive guide to discovering and preventing attacks on the Android OS\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eAs the Android operating system continues to increase its share of the smartphone market, smartphone hacking remains a growing threat. Written by experts who rank among the world's foremost Android security researchers, this book presents vulnerability discovery, analysis, and exploitation tools for the good guys. Following a detailed explanation of how the Android OS works and its overall security architecture, the authors examine how vulnerabilities can be discovered and exploits developed for various system components, preparing you to defend against them.\u003c\/p\u003e \u003cp\u003eIf you are a mobile device administrator, security researcher, Android app developer, or consultant responsible for evaluating Android security, you will find this guide is essential to your toolbox.\u003c\/p\u003e \u003cul\u003e \u003cli\u003eA crack team of leading Android security researchers explain Android security risks, security design and architecture, rooting, fuzz testing, and vulnerability analysis\u003c\/li\u003e \u003cli\u003eCovers Android application building blocks and security as well as debugging and auditing Android apps\u003c\/li\u003e \u003cli\u003ePrepares mobile device administrators, security researchers, Android app developers, and security consultants to defend Android systems against attack\u003c\/li\u003e \u003c\/ul\u003e \u003ci\u003eAndroid Hacker's Handbook\u003c\/i\u003e is the first comprehensive resource for IT professionals charged with smartphone security.\u003cbr\u003e \u003cbr\u003e \u003cp\u003eIntroduction xxv\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 1 Looking at the Ecosystem 1\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eUnderstanding Android’s Roots 1\u003c\/p\u003e \u003cp\u003eCompany History 2\u003c\/p\u003e \u003cp\u003eVersion History 2\u003c\/p\u003e \u003cp\u003eExamining the Device Pool 4\u003c\/p\u003e \u003cp\u003eOpen Source, Mostly 7\u003c\/p\u003e \u003cp\u003eUnderstanding Android Stakeholders 7\u003c\/p\u003e \u003cp\u003eGoogle 8\u003c\/p\u003e \u003cp\u003eHardware Vendors 10\u003c\/p\u003e \u003cp\u003eCarriers 12\u003c\/p\u003e \u003cp\u003eDevelopers 13\u003c\/p\u003e \u003cp\u003eUsers 14\u003c\/p\u003e \u003cp\u003eGrasping Ecosystem Complexities 15\u003c\/p\u003e \u003cp\u003eFragmentation 16\u003c\/p\u003e \u003cp\u003eCompatibility 17\u003c\/p\u003e \u003cp\u003eUpdate Issues 18\u003c\/p\u003e \u003cp\u003eSecurity versus Openness 21\u003c\/p\u003e \u003cp\u003ePublic Disclosures 22\u003c\/p\u003e \u003cp\u003eSummary 23\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 2 Android Security Design and Architecture 25\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eUnderstanding Android System Architecture 25\u003c\/p\u003e \u003cp\u003eUnderstanding Security Boundaries and Enforcement 27\u003c\/p\u003e \u003cp\u003eAndroid’s Sandbox 27\u003c\/p\u003e \u003cp\u003eAndroid Permissions 30\u003c\/p\u003e \u003cp\u003eLooking Closer at the Layers 34\u003c\/p\u003e \u003cp\u003eAndroid Applications 34\u003c\/p\u003e \u003cp\u003eThe Android Framework 39\u003c\/p\u003e \u003cp\u003eThe Dalvik Virtual Machine 40\u003c\/p\u003e \u003cp\u003eUser-Space Native Code 41\u003c\/p\u003e \u003cp\u003eThe Kernel 49\u003c\/p\u003e \u003cp\u003eComplex Security, Complex Exploits 55\u003c\/p\u003e \u003cp\u003eSummary 56\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 3 Rooting Your Device 57\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eUnderstanding the Partition Layout 58\u003c\/p\u003e \u003cp\u003eDetermining the Partition Layout 59\u003c\/p\u003e \u003cp\u003eUnderstanding the Boot Process 60\u003c\/p\u003e \u003cp\u003eAccessing Download Mode 61\u003c\/p\u003e \u003cp\u003eLocked and Unlocked Boot Loaders 62\u003c\/p\u003e \u003cp\u003eStock and Custom Recovery Images 63\u003c\/p\u003e \u003cp\u003eRooting with an Unlocked Boot Loader 65\u003c\/p\u003e \u003cp\u003eRooting with a Locked Boot Loader 68\u003c\/p\u003e \u003cp\u003eGaining Root on a Booted System 69\u003c\/p\u003e \u003cp\u003eNAND Locks, Temporary Root, and Permanent Root 70\u003c\/p\u003e \u003cp\u003ePersisting a Soft Root 71\u003c\/p\u003e \u003cp\u003eHistory of Known Attacks 73\u003c\/p\u003e \u003cp\u003eKernel: Wunderbar\/asroot 73\u003c\/p\u003e \u003cp\u003eRecovery: Volez 74\u003c\/p\u003e \u003cp\u003eUdev: Exploid 74\u003c\/p\u003e \u003cp\u003eAdbd: RageAgainstTheCage 75\u003c\/p\u003e \u003cp\u003eZygote: Zimperlich and Zysploit 75\u003c\/p\u003e \u003cp\u003eAshmem: KillingInTheNameOf and psneuter 76\u003c\/p\u003e \u003cp\u003eVold: GingerBreak 76\u003c\/p\u003e \u003cp\u003ePowerVR: levitator 77\u003c\/p\u003e \u003cp\u003eLibsysutils: zergRush 78\u003c\/p\u003e \u003cp\u003eKernel: mempodroid 78\u003c\/p\u003e \u003cp\u003eFile Permission and Symbolic Link–Related Attacks 79\u003c\/p\u003e \u003cp\u003eAdb Restore Race Condition 79\u003c\/p\u003e \u003cp\u003eExynos4: exynos-abuse 80\u003c\/p\u003e \u003cp\u003eDiag: lit \/ diaggetroot 81\u003c\/p\u003e \u003cp\u003eSummary 81\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 4 Reviewing Application Security 83\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eCommon Issues 83\u003c\/p\u003e \u003cp\u003eApp Permission Issues 84\u003c\/p\u003e \u003cp\u003eInsecure Transmission of Sensitive Data 86\u003c\/p\u003e \u003cp\u003eInsecure Data Storage 87\u003c\/p\u003e \u003cp\u003eInformation Leakage Through Logs 88\u003c\/p\u003e \u003cp\u003eUnsecured IPC Endpoints 89\u003c\/p\u003e \u003cp\u003eCase Study: Mobile Security App 91\u003c\/p\u003e \u003cp\u003eProfiling 91\u003c\/p\u003e \u003cp\u003eStatic Analysis 93\u003c\/p\u003e \u003cp\u003eDynamic Analysis 109\u003c\/p\u003e \u003cp\u003eAttack 117\u003c\/p\u003e \u003cp\u003eCase Study: SIP Client 120\u003c\/p\u003e \u003cp\u003eEnter Drozer 121\u003c\/p\u003e \u003cp\u003eDiscovery 121\u003c\/p\u003e \u003cp\u003eSnarfing 122\u003c\/p\u003e \u003cp\u003eInjection 124\u003c\/p\u003e \u003cp\u003eSummary 126\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 5 Understanding Android’s Attack Surface 129\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eAn Attack Terminology Primer 130\u003c\/p\u003e \u003cp\u003eAttack Vectors 130\u003c\/p\u003e \u003cp\u003eAttack Surfaces 131\u003c\/p\u003e \u003cp\u003eClassifying Attack Surfaces 133\u003c\/p\u003e \u003cp\u003eSurface Properties 133\u003c\/p\u003e \u003cp\u003eClassification Decisions 134\u003c\/p\u003e \u003cp\u003eRemote Attack Surfaces 134\u003c\/p\u003e \u003cp\u003eNetworking Concepts 134\u003c\/p\u003e \u003cp\u003eNetworking Stacks 139\u003c\/p\u003e \u003cp\u003eExposed Network Services 140\u003c\/p\u003e \u003cp\u003eMobile Technologies 142\u003c\/p\u003e \u003cp\u003eClient-side Attack Surface 143\u003c\/p\u003e \u003cp\u003eGoogle Infrastructure 148\u003c\/p\u003e \u003cp\u003ePhysical Adjacency 154\u003c\/p\u003e \u003cp\u003eWireless Communications 154\u003c\/p\u003e \u003cp\u003eOther Technologies 161\u003c\/p\u003e \u003cp\u003eLocal Attack Surfaces 161\u003c\/p\u003e \u003cp\u003eExploring the File System 162\u003c\/p\u003e \u003cp\u003eFinding Other Local Attack Surfaces 163\u003c\/p\u003e \u003cp\u003ePhysical Attack Surfaces 168\u003c\/p\u003e \u003cp\u003eDismantling Devices 169\u003c\/p\u003e \u003cp\u003eUSB 169\u003c\/p\u003e \u003cp\u003eOther Physical Attack Surfaces 173\u003c\/p\u003e \u003cp\u003eThird-Party Modifications 174\u003c\/p\u003e \u003cp\u003eSummary 174\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 6 Finding Vulnerabilities with Fuzz Testing 177\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eFuzzing Background 177\u003c\/p\u003e \u003cp\u003eIdentifying a Target 179\u003c\/p\u003e \u003cp\u003eCrafting Malformed Inputs 179\u003c\/p\u003e \u003cp\u003eProcessing Inputs 180\u003c\/p\u003e \u003cp\u003eMonitoring Results 181\u003c\/p\u003e \u003cp\u003eFuzzing on Android 181\u003c\/p\u003e \u003cp\u003eFuzzing Broadcast Receivers 183\u003c\/p\u003e \u003cp\u003eIdentifying a Target 183\u003c\/p\u003e \u003cp\u003eGenerating Inputs 184\u003c\/p\u003e \u003cp\u003eDelivering Inputs 185\u003c\/p\u003e \u003cp\u003eMonitoring Testing 185\u003c\/p\u003e \u003cp\u003eFuzzing Chrome for Android 188\u003c\/p\u003e \u003cp\u003eSelecting a Technology to Target 188\u003c\/p\u003e \u003cp\u003eGenerating Inputs 190\u003c\/p\u003e \u003cp\u003eProcessing Inputs 192\u003c\/p\u003e \u003cp\u003eMonitoring Testing 194\u003c\/p\u003e \u003cp\u003eFuzzing the USB Attack Surface 197\u003c\/p\u003e \u003cp\u003eUSB Fuzzing Challenges 198\u003c\/p\u003e \u003cp\u003eSelecting a Target Mode 198\u003c\/p\u003e \u003cp\u003eGenerating Inputs 199\u003c\/p\u003e \u003cp\u003eProcessing Inputs 201\u003c\/p\u003e \u003cp\u003eMonitoring Testing 202\u003c\/p\u003e \u003cp\u003eSummary 204\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 7 Debugging and Analyzing Vulnerabilities 205\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eGetting All Available Information 205\u003c\/p\u003e \u003cp\u003eChoosing a Toolchain 207\u003c\/p\u003e \u003cp\u003eDebugging with Crash Dumps 208\u003c\/p\u003e \u003cp\u003eSystem Logs 208\u003c\/p\u003e \u003cp\u003eTombstones 209\u003c\/p\u003e \u003cp\u003eRemote Debugging 211\u003c\/p\u003e \u003cp\u003eDebugging Dalvik Code 212\u003c\/p\u003e \u003cp\u003eDebugging an Example App 213\u003c\/p\u003e \u003cp\u003eShowing Framework Source Code 215\u003c\/p\u003e \u003cp\u003eDebugging Existing Code 217\u003c\/p\u003e \u003cp\u003eDebugging Native Code 221\u003c\/p\u003e \u003cp\u003eDebugging with the NDK 222\u003c\/p\u003e \u003cp\u003eDebugging with Eclipse 226\u003c\/p\u003e \u003cp\u003eDebugging with AOSP 227\u003c\/p\u003e \u003cp\u003eIncreasing Automation 233\u003c\/p\u003e \u003cp\u003eDebugging with Symbols 235\u003c\/p\u003e \u003cp\u003eDebugging with a Non-AOSP Device 241\u003c\/p\u003e \u003cp\u003eDebugging Mixed Code 243\u003c\/p\u003e \u003cp\u003eAlternative Debugging Techniques 243\u003c\/p\u003e \u003cp\u003eDebug Statements 243\u003c\/p\u003e \u003cp\u003eOn-Device Debugging 244\u003c\/p\u003e \u003cp\u003eDynamic Binary Instrumentation 245\u003c\/p\u003e \u003cp\u003eVulnerability Analysis 246\u003c\/p\u003e \u003cp\u003eDetermining Root Cause 246\u003c\/p\u003e \u003cp\u003eJudging Exploitability 260\u003c\/p\u003e \u003cp\u003eSummary 261\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 8 Exploiting User Space Software 263\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eMemory Corruption Basics 263\u003c\/p\u003e \u003cp\u003eStack Buffer Overflows 264\u003c\/p\u003e \u003cp\u003eHeap Exploitation 268\u003c\/p\u003e \u003cp\u003eA History of Public Exploits 275\u003c\/p\u003e \u003cp\u003eGingerBreak 275\u003c\/p\u003e \u003cp\u003ezergRush 279\u003c\/p\u003e \u003cp\u003emempodroid 283\u003c\/p\u003e \u003cp\u003eExploiting the Android Browser 284\u003c\/p\u003e \u003cp\u003eUnderstanding the Bug 284\u003c\/p\u003e \u003cp\u003eControlling the Heap 287\u003c\/p\u003e \u003cp\u003eSummary 290\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 9 Return Oriented Programming 291\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eHistory and Motivation 291\u003c\/p\u003e \u003cp\u003eSeparate Code and Instruction Cache 292\u003c\/p\u003e \u003cp\u003eBasics of ROP on ARM 294\u003c\/p\u003e \u003cp\u003eARM Subroutine Calls 295\u003c\/p\u003e \u003cp\u003eCombining Gadgets into a Chain 297\u003c\/p\u003e \u003cp\u003eIdentifying Potential Gadgets 299\u003c\/p\u003e \u003cp\u003eCase Study: Android 4.0.1 Linker 300\u003c\/p\u003e \u003cp\u003ePivoting the Stack Pointer 301\u003c\/p\u003e \u003cp\u003eExecuting Arbitrary Code from a New Mapping 303\u003c\/p\u003e \u003cp\u003eSummary 308\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 10 Hacking and Attacking the Kernel 309\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eAndroid’s Linux Kernel 309\u003c\/p\u003e \u003cp\u003eExtracting Kernels 310\u003c\/p\u003e \u003cp\u003eExtracting from Stock Firmware 311\u003c\/p\u003e \u003cp\u003eExtracting from Devices 314\u003c\/p\u003e \u003cp\u003eGetting the Kernel from a Boot Image 315\u003c\/p\u003e \u003cp\u003eDecompressing the Kernel 316\u003c\/p\u003e \u003cp\u003eRunning Custom Kernel Code 316\u003c\/p\u003e \u003cp\u003eObtaining Source Code 316\u003c\/p\u003e \u003cp\u003eSetting Up a Build Environment 320\u003c\/p\u003e \u003cp\u003eConfiguring the Kernel 321\u003c\/p\u003e \u003cp\u003eUsing Custom Kernel Modules 322\u003c\/p\u003e \u003cp\u003eBuilding a Custom Kernel 325\u003c\/p\u003e \u003cp\u003eCreating a Boot Image 329\u003c\/p\u003e \u003cp\u003eBooting a Custom Kernel 331\u003c\/p\u003e \u003cp\u003eDebugging the Kernel 336\u003c\/p\u003e \u003cp\u003eObtaining Kernel Crash Reports 337\u003c\/p\u003e \u003cp\u003eUnderstanding an Oops 338\u003c\/p\u003e \u003cp\u003eLive Debugging with KGDB 343\u003c\/p\u003e \u003cp\u003eExploiting the Kernel 348\u003c\/p\u003e \u003cp\u003eTypical Android Kernels 348\u003c\/p\u003e \u003cp\u003eExtracting Addresses 350\u003c\/p\u003e \u003cp\u003eCase Studies 352\u003c\/p\u003e \u003cp\u003eSummary 364\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 11 Attacking the Radio Interface Layer 367\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e\u003cb\u003eIntroduction to the RIL 368\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eRIL Architecture 368\u003c\/p\u003e \u003cp\u003eSmartphone Architecture 369\u003c\/p\u003e \u003cp\u003eThe Android Telephony Stack 370\u003c\/p\u003e \u003cp\u003eTelephony Stack Customization 371\u003c\/p\u003e \u003cp\u003eThe RIL Daemon (rild) 372\u003c\/p\u003e \u003cp\u003eThe Vendor-RIL API 374\u003c\/p\u003e \u003cp\u003eShort Message Service (SMS) 375\u003c\/p\u003e \u003cp\u003eSending and Receiving SMS Messages 376\u003c\/p\u003e \u003cp\u003eSMS Message Format 376\u003c\/p\u003e \u003cp\u003eInteracting with the Modem 379\u003c\/p\u003e \u003cp\u003eEmulating the Modem for Fuzzing 379\u003c\/p\u003e \u003cp\u003eFuzzing SMS on Android 382\u003c\/p\u003e \u003cp\u003eSummary 390\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 12 Exploit Mitigations 391\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eClassifying Mitigations 392\u003c\/p\u003e \u003cp\u003eCode Signing 392\u003c\/p\u003e \u003cp\u003eHardening the Heap 394\u003c\/p\u003e \u003cp\u003eProtecting Against Integer Overflows 394\u003c\/p\u003e \u003cp\u003ePreventing Data Execution 396\u003c\/p\u003e \u003cp\u003eAddress Space Layout Randomization 398\u003c\/p\u003e \u003cp\u003eProtecting the Stack 400\u003c\/p\u003e \u003cp\u003eFormat String Protections 401\u003c\/p\u003e \u003cp\u003eRead-Only Relocations 403\u003c\/p\u003e \u003cp\u003eSandboxing 404\u003c\/p\u003e \u003cp\u003eFortifying Source Code 405\u003c\/p\u003e \u003cp\u003eAccess Control Mechanisms 407\u003c\/p\u003e \u003cp\u003eProtecting the Kernel 408\u003c\/p\u003e \u003cp\u003ePointer and Log Restrictions 409\u003c\/p\u003e \u003cp\u003eProtecting the Zero Page 410\u003c\/p\u003e \u003cp\u003eRead-Only Memory Regions 410\u003c\/p\u003e \u003cp\u003eOther Hardening Measures 411\u003c\/p\u003e \u003cp\u003eSummary of Exploit Mitigations 414\u003c\/p\u003e \u003cp\u003eDisabling Mitigation Features 415\u003c\/p\u003e \u003cp\u003eChanging Your Personality 416\u003c\/p\u003e \u003cp\u003eAltering Binaries 416\u003c\/p\u003e \u003cp\u003eTweaking the Kernel 417\u003c\/p\u003e \u003cp\u003eOvercoming Exploit Mitigations 418\u003c\/p\u003e \u003cp\u003eOvercoming Stack Protections 418\u003c\/p\u003e \u003cp\u003eOvercoming ASLR 418\u003c\/p\u003e \u003cp\u003eOvercoming Data Execution Protections 419\u003c\/p\u003e \u003cp\u003eOvercoming Kernel Protections 419\u003c\/p\u003e \u003cp\u003eLooking to the Future 420\u003c\/p\u003e \u003cp\u003eOfficial Projects Underway 420\u003c\/p\u003e \u003cp\u003eCommunity Kernel Hardening Efforts 420\u003c\/p\u003e \u003cp\u003eA Bit of Speculation 422\u003c\/p\u003e \u003cp\u003eSummary 422\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 13 Hardware Attacks 423\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eInterfacing with Hardware Devices 424\u003c\/p\u003e \u003cp\u003eUART Serial Interfaces 424\u003c\/p\u003e \u003cp\u003eI\u003csup\u003e2\u003c\/sup\u003eC, SPI, and One-Wire Interfaces 428\u003c\/p\u003e \u003cp\u003eJTAG 431\u003c\/p\u003e \u003cp\u003eFinding Debug Interfaces 443\u003c\/p\u003e \u003cp\u003eIdentifying Components 456\u003c\/p\u003e \u003cp\u003eGetting Specifications 456\u003c\/p\u003e \u003cp\u003eDifficulty Identifying Components 457\u003c\/p\u003e \u003cp\u003eIntercepting, Monitoring, and Injecting Data 459\u003c\/p\u003e \u003cp\u003eUSB 459\u003c\/p\u003e \u003cp\u003eI \u003csup\u003e2\u003c\/sup\u003eC, SPI, and UART Serial Interfaces 463\u003c\/p\u003e \u003cp\u003eStealing Secrets and Firmware 469\u003c\/p\u003e \u003cp\u003eAccessing Firmware Unobtrusively 469\u003c\/p\u003e \u003cp\u003eDestructively Accessing the Firmware 471\u003c\/p\u003e \u003cp\u003eWhat Do You Do with a Dump? 474\u003c\/p\u003e \u003cp\u003ePitfalls 479\u003c\/p\u003e \u003cp\u003eCustom Interfaces 479\u003c\/p\u003e \u003cp\u003eBinary\/Proprietary Data 479\u003c\/p\u003e \u003cp\u003eBlown Debug Interfaces 480\u003c\/p\u003e \u003cp\u003eChip Passwords 480\u003c\/p\u003e \u003cp\u003eBoot Loader Passwords, Hotkeys, and Silent Terminals 480\u003c\/p\u003e \u003cp\u003eCustomized Boot Sequences 481\u003c\/p\u003e \u003cp\u003eUnexposed Address Lines 481\u003c\/p\u003e \u003cp\u003eAnti-Reversing Epoxy 482\u003c\/p\u003e \u003cp\u003eImage Encryption, Obfuscation, and Anti-Debugging 482\u003c\/p\u003e \u003cp\u003eSummary 482\u003c\/p\u003e \u003cp\u003eAppendix A Tool Catalog 485\u003c\/p\u003e \u003cp\u003eDevelopment Tools 485\u003c\/p\u003e \u003cp\u003eAndroid SDK 485\u003c\/p\u003e \u003cp\u003eAndroid NDK 486\u003c\/p\u003e \u003cp\u003eEclipse 486\u003c\/p\u003e \u003cp\u003eADT Plug-In 486\u003c\/p\u003e \u003cp\u003eADT Bundle 486\u003c\/p\u003e \u003cp\u003eAndroid Studio 487\u003c\/p\u003e \u003cp\u003eFirmware Extraction and Flashing Tools 487\u003c\/p\u003e \u003cp\u003eBinwalk 487\u003c\/p\u003e \u003cp\u003efastboot 487\u003c\/p\u003e \u003cp\u003eSamsung 488\u003c\/p\u003e \u003cp\u003eNVIDIA 489\u003c\/p\u003e \u003cp\u003eLG 489\u003c\/p\u003e \u003cp\u003eHTC 489\u003c\/p\u003e \u003cp\u003eMotorola 490\u003c\/p\u003e \u003cp\u003eNative Android Tools 491\u003c\/p\u003e \u003cp\u003eBusyBox 491\u003c\/p\u003e \u003cp\u003esetpropex 491\u003c\/p\u003e \u003cp\u003eSQLite 491\u003c\/p\u003e \u003cp\u003estrace 492\u003c\/p\u003e \u003cp\u003eHooking and Instrumentation Tools 492\u003c\/p\u003e \u003cp\u003eADBI Framework 492\u003c\/p\u003e \u003cp\u003eldpreloadhook 492\u003c\/p\u003e \u003cp\u003eXPosed Framework 492\u003c\/p\u003e \u003cp\u003eCydia Substrate 493\u003c\/p\u003e \u003cp\u003eStatic Analysis Tools 493\u003c\/p\u003e \u003cp\u003eSmali and Baksmali 493\u003c\/p\u003e \u003cp\u003eAndroguard 493\u003c\/p\u003e \u003cp\u003eapktool 494\u003c\/p\u003e \u003cp\u003edex2jar 494\u003c\/p\u003e \u003cp\u003ejad 494\u003c\/p\u003e \u003cp\u003eJD-GUI 495\u003c\/p\u003e \u003cp\u003eJEB 495\u003c\/p\u003e \u003cp\u003eRadare 2 495\u003c\/p\u003e \u003cp\u003eIDA Pro and Hex-Rays Decompiler 496\u003c\/p\u003e \u003cp\u003eApplication Testing Tools 496\u003c\/p\u003e \u003cp\u003eDrozer (Mercury) Framework 496\u003c\/p\u003e \u003cp\u003eiSEC Intent Sniffer and Intent Fuzzer 496\u003c\/p\u003e \u003cp\u003eHardware Hacking Tools 496\u003c\/p\u003e \u003cp\u003eSegger J-Link 497\u003c\/p\u003e \u003cp\u003eJTAGulator 497\u003c\/p\u003e \u003cp\u003eOpenOCD 497\u003c\/p\u003e \u003cp\u003eSaleae 497\u003c\/p\u003e \u003cp\u003eBus Pirate 497\u003c\/p\u003e \u003cp\u003eGoodFET 497\u003c\/p\u003e \u003cp\u003eTotal Phase Beagle USB 498\u003c\/p\u003e \u003cp\u003eFacedancer 21 498\u003c\/p\u003e \u003cp\u003eTotal Phase Beagle I\u003csup\u003e2\u003c\/sup\u003ec 498\u003c\/p\u003e \u003cp\u003eChip Quik 498\u003c\/p\u003e \u003cp\u003eHot air gun 498\u003c\/p\u003e \u003cp\u003eXeltek SuperPro 498\u003c\/p\u003e \u003cp\u003eIDA 499\u003c\/p\u003e \u003cp\u003eAppendix B Open Source Repositories 501\u003c\/p\u003e \u003cp\u003eGoogle 501\u003c\/p\u003e \u003cp\u003eAOSP 501\u003c\/p\u003e \u003cp\u003eGerrit Code Review 502\u003c\/p\u003e \u003cp\u003eSoC Manufacturers 502\u003c\/p\u003e \u003cp\u003eAllWinner 503\u003c\/p\u003e \u003cp\u003eIntel 503\u003c\/p\u003e \u003cp\u003eMarvell 503\u003c\/p\u003e \u003cp\u003eMediaTek 504\u003c\/p\u003e \u003cp\u003eNvidia 504\u003c\/p\u003e \u003cp\u003eTexas Instruments 504\u003c\/p\u003e \u003cp\u003eQualcomm 505\u003c\/p\u003e \u003cp\u003eSamsung 505\u003c\/p\u003e \u003cp\u003eOEMs 506\u003c\/p\u003e \u003cp\u003eASUS 506\u003c\/p\u003e \u003cp\u003eHTC 507\u003c\/p\u003e \u003cp\u003eLG 507\u003c\/p\u003e \u003cp\u003eMotorola 507\u003c\/p\u003e \u003cp\u003eSamsung 508\u003c\/p\u003e \u003cp\u003eSony Mobile 508\u003c\/p\u003e \u003cp\u003eUpstream Sources 508\u003c\/p\u003e \u003cp\u003eOthers 509\u003c\/p\u003e \u003cp\u003eCustom Firmware 509\u003c\/p\u003e \u003cp\u003eLinaro 510\u003c\/p\u003e \u003cp\u003eReplicant 510\u003c\/p\u003e \u003cp\u003eCode Indexes 510\u003c\/p\u003e \u003cp\u003eIndividuals 510\u003c\/p\u003e \u003cp\u003eAppendix C References 511\u003c\/p\u003e \u003cp\u003eIndex 523\u003c\/p\u003e  \u003cp\u003e\u003cb\u003eJOSHUA J. DRAKE\u003c\/b\u003e is a Director of Research Science at Accuvant LABS.\u003c\/p\u003e \u003cp\u003e\u003cb\u003ePAU OLIVA FORA\u003c\/b\u003e is a Mobile Security Engineer with viaForensics.\u003c\/p\u003e \u003cp\u003e\u003cb\u003eZACH LANIER\u003c\/b\u003e is a Senior Security Researcher at Duo Security.\u003c\/p\u003e \u003cp\u003e\u003cb\u003eCOLLIN MULLINER\u003c\/b\u003e is a postdoctoral researcher at Northeastern University.\u003c\/p\u003e \u003cp\u003e\u003cb\u003eSTEPHEN A. RIDLEY\u003c\/b\u003e is a Principal Researcher with Xipiter.\u003c\/p\u003e \u003cp\u003e\u003cb\u003eGEORG WICHERSKI\u003c\/b\u003e is a Senior Security Researcher with CrowdStrike.\u003c\/p\u003e  \u003cp\u003e\u003cb\u003eA complete guide to securing the Android operating system\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eThe \u003ci\u003eAndroid Hacker’s Handbook\u003c\/i\u003e provides network security professionals and mobile device administrators with the specifics of the Android operating system from a security standpoint. This book explains how the operating system works, security risks associated with it, and the overall security architecture of the operating system. It also explains how vulnerabilities can be found in, and exploits developed for, various components of the system.\u003c\/p\u003e \u003cp\u003eWritten by some of the world’s foremost Android security researchers, the \u003ci\u003eAndroid Hacker’s Handbook\u003c\/i\u003e is the only resource of its kind to explore Android security on this level. This essential guide includes both implementation details as well as complexities introduced by the open nature of the OS.\u003c\/p\u003e \u003cp\u003e\u003cb\u003eLearn to:\u003c\/b\u003e\u003c\/p\u003e \u003cul\u003e \u003cli\u003eBecome familiar with security implementation details, as well as complexities introduced by the open nature of the Android OS\u003c\/li\u003e \u003cli\u003eAvoid common security pitfalls and stay ahead of the latest smartphone hacking strategies\u003c\/li\u003e \u003cli\u003eReview the various types of attacks that have been successful against the Android OS\u003c\/li\u003e \u003cli\u003eExplore rooting and gain an understanding of the partition layout, boot process\u003c\/li\u003e \u003cli\u003eUnderstand the complex nature of the Android ecosystem, including the impact of various hardware vendors and software developers\u003c\/li\u003e \u003c\/ul\u003e","brand":"Wiley","offers":[{"title":"Default Title","offer_id":47988739211493,"sku":"NP9781118608647","price":52.0,"currency_code":"USD","in_stock":false}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/1842\/7735\/files\/9781118608647.jpg?v=1761781398","url":"https:\/\/k12savings.com\/products\/android-hackers-handbook-isbn-9781118608647","provider":"K12savings","version":"1.0","type":"link"}