Android Exploitation


Android vulnerability research and exploitation is a deep dive into Android security, from third-party applications to the kernel.

During this training, students will discover its security model as well as the various classes of security issues that affect Android, from both a userland and a kernel point of view.

This training aims to give students actual hands-on vulnerability research and exploit development experience on recent Android devices.

This training is designed for intermediate to advanced security professionals.

5 days / 10 hours of theory / 25 hours of practice


  • Introduction (1 day)
    • Architecture
    • Bootloader and rooting
    • Applications
    • Process interactions
    • Security model


  • Android userspace LPE (2 days)
    • Attack surface analysis
    • Types of userland vulnerabilities
    • Java and native code reverse engineering
    • Vulnerability research
    • Exploiting Android deserialization vulnerabilities


  • Android kernelspace LPE (2 days)
    • Linux kernel overview
    • Attack surface analysis
    • From kernel arbitrary read/write to root
    • SLUB allocator
    • Types of kernelspace vulnerabilities
    • Generic UAF reuse primitives
    • Exploiting UAF and double free vulnerabilities