Android Security Workshop

+Ch0pin🕷️
Nov 19, 2021

Module 1

Access Control In the Android OS

Topics: DAC, MAC, UID, GID, AID, Application Sandbox

SLIDES

SELinux

Topics: Architecture, Type Enforcement, Modes, Rules, Security labels

SLIDES

Application Signing

Topics: Signing Goals and Objectives, Google Play signing, Signature Schemes

SLIDES

Permission Based Access Control, Hardware Based Security Features

Topics: Protected APIs, Permission Assignment and Categories, Fingerprint, GateKeeper, Keystore, Encryption, Verified boot

SLIDES (external)

Module 2

Application Components

Topics: Activities, Services, Broadcast Receivers, Content Providers, Intents, adb

SLIDES

WebViews

Topics: JS Interface, JS injection, Web Scraping, Silent Loading

SLIDES

The Window Manager

Topics: Free Floating Windows, System Alert Window, Overlays, Tap jacking, Picture in Picture

SLIDES

Accessibility Service, Admin API, DCL, Reflection

Topics: A11y Implementation, Accessibility Events, Event Lifecycle, A11y Abuse, Device Admin Apps, Using Reflection, Abusing Reflection, DexClassLoader

SLIDES

Module 3

The Java Native Interface

Topics: Locating Native Libs, Tracking down Native Methods in Ghidra, Resolving Native Methods, Dynamic / Static Linking, Using JNITrace

SLIDES
