This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "OWASP Mobile Security Project - Android/References"
From OWASP
Dinis.cruz (talk | contribs) |
Dinis.cruz (talk | contribs) |
||
Line 14: | Line 14: | ||
===Presentation=== | ===Presentation=== | ||
* [http://www.blackhat.com/html/bh-ad-10/bh-ad-10-briefings.html Building Android Sandcastles in Android's Sandbox] at BlackHat Abu Dhabi (Nov 10 - 11 2010) | * [http://www.blackhat.com/html/bh-ad-10/bh-ad-10-briefings.html Building Android Sandcastles in Android's Sandbox] at BlackHat Abu Dhabi (Nov 10 - 11 2010) | ||
+ | |||
+ | ===Tools=== | ||
+ | * [[OWASP O2 Platform]] can be used to review the Android Java source code (create object model of compiled java code, search source-code files, model config files) | ||
+ | * Commercial tools (like Fortify, IBM AppScan Source) can parse Java files (the question is "Do they have Android Specific rules") |
Revision as of 14:42, 5 November 2010
Here are a number of references related to Android Security
Official documentation
Published Research
- Coverity SCAN 2010 Open Source Integrity Report which contains information about 88 Kernel bugs in Android:
Blog posts
- Reversing Android Apps 101 - Jack Mannino
Presentation
- Building Android Sandcastles in Android's Sandbox at BlackHat Abu Dhabi (Nov 10 - 11 2010)
Tools
- OWASP O2 Platform can be used to review the Android Java source code (create object model of compiled java code, search source-code files, model config files)
- Commercial tools (like Fortify, IBM AppScan Source) can parse Java files (the question is "Do they have Android Specific rules")