Request a Demo Contact Us
Bugcrowd Achieves Global CREST Accreditation For Pen Testing
Learn More

Finding Sensitive Data in Android Apps

 

Finding Sensitive Data in Android Apps


In this presentation, Nerdwell reviews common developer assumptions about mobile application security and explores ways in which these assumptions can be invalidated. We begin with a review of some new tools that streamline the bug bounty hunter’s Android hacking workflow. After that, we present tools and techniques for accessing, identifying, and extracting sensitive data from Android apps’ internal storage. Then we wrap up with a discussion of how to maximize the security impact of our findings for impactful bug bounty reports.

 

About the Author


Nerdwell is a systems and security engineer with a passion for bug bounty and vulnerability research. He currently works in critical infrastructure protection and has experience supporting technology in a variety of industries, ranging from manufacturing to healthcare. With over 20 years’ experiences, Nerdwell understands firsthand the challenges of building and supporting complex technology solutions securely. In addition to finding bugs and performing security research, Nerdwell enjoys networking and sharing knowledge with fellow hackers.

More resources

Report

Inside the Mind of a Hacker

Read More
Datasheet

Crowdsourced Security in the Public Sector

Read More
Datasheet

Bugcrowd External Attack Surface Management (EASM)

Read More

Get Started with Bugcrowd

Every minute that goes by, your unknown vulnerabilities leave you more exposed to cyber attacks.