Android Pentesting Guides

I’ve been reading a lot about Android pentesting this week, so rather than summarizing each one, here’s a list of useful reading for Android pentesting.

Useful Lab Settings

Maybe you want to test something with an executable stack, ASLR off, or otherwise disable some security feature? This article describes settings for NX, ASLR, and SSP on Linux boxes. More details here.

OWASP Security Testing Guide

I can’t believe I didn’t know about OWASP’s security testing guide before. Though it was published a few years ago, it’s pretty much still relevant, and they’re working on a v4.0.