# Mobile Security

Android Application Security Series (Part 1 - 26) : [https://goo.gl/Tcp8fX](https://t.co/w5GhvSu1A5?amp=1)

* <https://github.com/sh4hin/MobileApp-Pentest-Cheatsheet>
* <https://blog.securitybreached.org/2020/03/17/getting-started-in-android-apps-pentesting/>
* <https://manifestsecurity.com/android-application-security/>
* <https://github.com/anantshri/Android_Security>
* <https://www.hackerone.com/blog/androidhackingmonth-intro-to-android-hacking>
* <https://blog.softwaroid.com/2020/05/02/android-application-penetration-testing-bug-bounty-checklist/>
* ios - <https://mobexler.com/checklist.htm>
* <https://github.com/B3nac/Android-Reports-and-Resources>
* <https://guides.peruzal.com/mobile-device-security-and-penetration-testing-guide/>
* <https://payatu.com/blog/abhilashnigam/ios-pentesing-guide-from-a-n00bs-perspective.1>
* <https://co0nan.gitbook.io/writeups/>

From my tweets :

SANS VIDEO - "How To" Install & Configure Android Emulator by[@joswr1ght](https://twitter.com/joswr1ght) YouTube: [https://youtu.be/ij2Y3dwLdwA](https://t.co/gWKQ1JEvtv?amp=1) - <https://twitter.com/SANSInstitute/status/624973702380285952>

* Android Application Security Series (Part 1 - 26) : [https://goo.gl/Tcp8fX](https://t.co/w5GhvSu1A5?amp=1)

* MobileApp-Pentest-Cheatsheet : High value information on specific mobile application penetration testing : - <https://twitter.com/binitamshah/status/777156946457571328>

* <https://twitter.com/timstrazz/status/886342537253855232>

* Complete [#Android](https://twitter.com/hashtag/Android?src=hashtag_click) app [#security](https://twitter.com/hashtag/security?src=hashtag_click) checklist, with links to testing instructions and best practices [http://goo.gl/Zq4VzP](https://t.co/WH44Ouh8ix?amp=1)

* An interesting write-up of how pwning a mobile device led to Domain compromise. From APK to Golden Ticket:[![](https://pbs.twimg.com/card_img/1280046219855892482/K6dkDzHG?format=jpg\&name=small)](https://t.co/fykk6IXEZD?amp=1)[From APK to Golden TicketFrom APK to Golden Ticket Owning an Android smartphone and gaining Domain Admin rights and more... Andrea Pierini , Giuseppe Trotta February 24, 2017 This article describes the potential dangers of...docs.google.com](https://t.co/fykk6IXEZD?amp=1)

* I'm releasing all the slides (\~800!) of my Mobile Security class: [https://mobisec.reyammer.io](https://t.co/TAAnBMCBqB?amp=1)! They are not perfect, but students learned how to reverse apps, find\&exploit real-world bugs, reason about threat modelling / system security, etc. Very proud of them :-) =><https://twitter.com/reyammer/status/1102636136541966339>

* MOBILE PENTESTING CONTENTS : [https://nileshsapariya.blogspot.com/2016/11/zero-to-hero-mobile-application-testing.html…](https://t.co/Rn8jvpo0h1?amp=1) [https://manifestsecurity.com](https://t.co/fWVDnB0Qyk?amp=1) [https://github.com/sh4hin/MobileApp-Pentest-Cheatsheet…](https://t.co/ATwBfF55Qa?amp=1) [https://github.com/tanprathan/MobileApp-PentestCheatsheet/blob/master/README.md…](https://t.co/a8RK0qqH2Y?amp=1) [https://gbhackers.com/penetration-testing-android-application-checklist/…](https://t.co/ZohcF1Q0Ex?amp=1) [https://gbhackers.com/android-application-penetration-testing/…](https://t.co/XOwWIueAi2?amp=1) [https://secvibe.com/intercepting-android-traffic-for-mobile-appsec-2ba634995f6f…](https://t.co/QavOHmCRja?amp=1) [https://secvibe.com/android-appsec-27855dca8531…](https://t.co/pSnwec9CQd?amp=1)\
  <https://twitter.com/vasim_infosec/status/1174320971966058496>

* Today I am releasing the Mobile Application pentesting Resources : [https://docs.google.com/document/d/1\_c5VcgiyOIrTl2E5M1gU\_EAb-4piONqQEh4PSw4NUL4/edit?usp=sharing…](https://t.co/h9uWyxHvKP?amp=1) Please share your valuable feedback [#MobileApp](https://twitter.com/hashtag/MobileApp?src=hashtag_click) [#infosec](https://twitter.com/hashtag/infosec?src=hashtag_click) [#pentest](https://twitter.com/hashtag/pentest?src=hashtag_click) [#bugbounty](https://twitter.com/hashtag/bugbounty?src=hashtag_click) [#cheatsheet](https://twitter.com/hashtag/cheatsheet?src=hashtag_click) [#resources](https://twitter.com/hashtag/resources?src=hashtag_click) [#Android](https://twitter.com/hashtag/Android?src=hashtag_click) [#ios](https://twitter.com/hashtag/ios?src=hashtag_click)

* <https://github.com/B3nac/Android-Reports-and-Resources>

* [https://mobile-security.gitbook.io/mobile-security-testing-guide](https://mobile-security.gitbook.io/mobile-security-testing-guide/)

* <https://github.com/ashishb/android-security-awesome>

* <https://docs.google.com/presentation/d/1gK2vYdvwFn8r8dSawIWRRIF4yDF4qmMY2qEelS1M7rI/edit#slide=id.g9b88c175c9_0_241>

* <https://ivrodriguez.com/tips-for-mobile-bug-bounty-hunting/>

* <https://medium.com/@hackersdump0>

* <https://github.com/saeidshirazi/awesome-android-security#Checklist>

* <https://www.cobalt.io/blog/getting-started-with-android-application-security>

* <https://medium.com/@srkasthuri/android-pentesting-101-a-novices-handbook-to-getting-started-8f56f877f418>

* <https://www.hackthebox.com/blog/intro-to-mobile-pentesting#what_is_android_penetration_testing_>

* <https://securityboat.net/getting-started-into-android-secuirty/>

* <https://github.com/Anof-cyber/Application-Security>

* <https://github.com/iamsarvagyaa/AndroidSecNotes>

*

{% embed url="<https://twitter.com/imabhisarpandey/status/1434241470635016194?s=20>" %}


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://gowthams.gitbook.io/bughunter-handbook/mobile-security.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.