Hacker Days: AndroGoat
Details
AndroGoat is an open source app written in Kotlin that is purposely vulnerable/insecure. This app has a wide range of vulnerabilities related to certificate pinning, custom URL schemes, Android Network Security Configuration, WebViews, root detection and over 20 other vulnerabilities. Security testers, professionals, enthusiasts, developers and others can use this application to understand and defend against vulnerabilities on the Android platform.
Some of the vulnerabilities covered in the session:
- Network security config.xml related vulnerabilities
- Certificate pinning
- Firebase related vulnerabilities
- Unprotected Android components
About speaker:
Satish is an Information Security Consultant, researcher and blogger with 9+ years of experience in various areas of information security. His areas of interest are Mobile and Cloud Security. He developed AndroGoat, a vulnerable Android application written in Kotlin. This is the first ever vulnerable app developed using Kotlin. It will help security testers, professionals, enthusiasts, developers and others to understand and defend against vulnerabilities on the Android platform. He presented AndroGoat at the Black Hat Europe 2020 event.
For details about the speaker: https://twitter.com/satish_patnayak