Wiki

The droidsec.org Wiki collects and collates as much ¡Ê·Ù»¡¤Ê¤É¤Ø¤Î¡ËÌ©¹ð¡¤¹ðÁʡʾõ¡Ë ´ØÏ¢¤·¤¿ to Android °ÂÁ´ as possible. If you find something ¹ÔÊýÉÔÌÀ¤Î, please consider Í¿¤¨¤ë¡¿Êû¤²¤ëing.

For quick Àܶá, we have ÁÈ¿¥¤¹¤ëd the types of ¡Ê·Ù»¡¤Ê¤É¤Ø¤Î¡ËÌ©¹ð¡¤¹ðÁʡʾõ¡Ë into the ¤Ë°ú¤­Â³¤¤¤Æ ÉôÎàs:

• Whitepapers - Android °ÂÁ´ and ÆâÉô¤Îs ´Ø·¸¤Î¤¢¤ë papers
• Æ»¶ñs - Useful Æ»¶ñs for Android °ÂÁ´ ¸¦µæ
• °Î¶È¡¿ÍøÍѤ¹¤ës - Vulnerabilities and °Î¶È¡¿ÍøÍѤ¹¤ës that ±Æ¶Á¤¹¤ë¡¿´¶¾ð Android
• ³ä¤ìÌÜ-Mes - A ̾Êí¡Ê¤ËºÜ¤»¤ë¡Ë¡¿É½¡Ê¤Ë¤¢¤²¤ë¡Ë of Android crackmes (µÕž¤¹¤ëing challenges, etc.)
• Miscellaneous - Other ¾ì½ê¡¿°ÌÃÖs that aggregate Android °ÂÁ´ ´Ø·¸¤Î¤¢¤ë content.
• Ä´½ñ¤ò¤È¤ë¡¿Í½Ì󤹤ës - A ̾Êí¡Ê¤ËºÜ¤»¤ë¡Ë¡¿É½¡Ê¤Ë¤¢¤²¤ë¡Ë of Ä´½ñ¤ò¤È¤ë¡¿Í½Ì󤹤ës ¾ÇÅÀ¡Ê¤ò¹ç¤ï¤»¤ë¡Ëing on Android °ÂÁ´/Malware

Whitepapers

• Pulling a John Connor: ÇÔËÌ¡¦É餫¤¹ing Android Slides by Charlie Miller at ShmooCon 2009 (06th-08th February 2009)
• A Look at a Modern Æ°¤­¤ä¤¹¤¤ °ÂÁ´ Model: Google¡Çs Android Slides by Jon Oberheide at CanSecWest 2009 (16th-20th March 2009)
• Multiplatform Iphone/Android Shellcode, and other smart phone insecurities Slides by Alfredo Ortega & Nico Economou at CanSecWest 2009 (16th-20th March 2009)
• Android Ë¡Äî¤Îs Slides by Andrew Hoog at Æ°¤­¤ä¤¹¤¤ Ë¡Äî¤Îs World 2009 (28th-29th May 2009)
• ºÆ·ú¤¹¤ëing Dalvik »ÈÍÑ¡¿Å¬ÍÑs (Google Android) Slides by Marc Schonefeld at SyScan 2009 (02nd-03rd July 2009)
• õ¸¡¤Î¡¿Í½È÷¤Î Android ³°²Ê WP Slides by ­½ï dz¤ä¤¹s at ¹õ¿Í¡¿¥Ü¥¤¥³¥Ã¥È Hat USA 2009 (29th-30th July 2009)
• Fuzzing the Phone in your Phone WP Slides by Charlie Miller & Collin Mulliner at ¹õ¿Í¡¿¥Ü¥¤¥³¥Ã¥È Hat USA 2009 (29th-30th July 2009)
• ºÆ·ú¤¹¤ëing Dalvik »ÈÍÑ¡¿Å¬ÍÑs Slides by Marc Schonefeld at HiTB Dubai 2010 (19th-22nd April 2010)
• Android Hax Slides by Jon Oberheide at SummerCon 2010 (18th-20th June 2010)
• More Bugs In More Places: °ÂÁ´¤Ê¡¦Êݾڤ¹¤ë ³«È¯ On Æ°¤­¤ä¤¹¤¤ ÃÅ¡¦¹ËÎΡ¦¸øÌós Slides by David Kane-Parry at ¹õ¿Í¡¿¥Ü¥¤¥³¥Ã¥È Hat USA 2010 (28th-29th July 2010)
• These Aren¡Çt the µö²Äs You¡Çre Looking For Slides by Anthony Lineberry, David Luke Richardson & Tim Wyatt at Defcon 18 2010 (30th July - 01st August 2010)
• Smartphones, »ÈÍÑ¡¿Å¬ÍÑs & °ÂÁ´ Slides by Paul Sebastian Ziegler at HiTB KUL 2010 (13th-14th October 2010)
• What¡Çs Old Is New Again: An Overview Of Æ°¤­¤ä¤¹¤¤ »ÈÍÑ¡¿Å¬ÍÑ °ÂÁ´ Slides by Zach Lanier & ¥Þ¥¤¥¯ Zusman at SecTor 2010 (17th-19th October 2010)
• Building Android Sandcastles in Android¡Çs Sandbox WP Slides by Nils at ¹õ¿Í¡¿¥Ü¥¤¥³¥Ã¥È Hat Abu Dhabi 2010 (08th-11th November 2010)
• Smart Phones, Dumb Apps Slides by Dan Cornell at OWASP DC 2010 (11th November 2010)
• Android: µÕž¤¹¤ë ¹©³Ø and Ë¡Äî¤Îs Slides by Rapha?l Rigo at DeepSec 2010 (25th-26th November 2010)
• Popping Çú·â¤¹¤ë on A(ndroid)RM ÁõÃÖs WP Slides by Itzhak Avraham at BlackHat DC 2011 (18th-19th January 2011)
• Team JOCH vs Android: The Ultimate Âзè Slides by Jon Oberheide and Zach Lanier at ShmooCon 2011 (05th-07th February 2011)
• ¡Ê·Ù´±¤Î¡Ë½ä²ó¶è°è¡¤¼õ»ý¤Á¶è°èing?up?on?Android - Practical?Android?Attacks Slides by Bas Alberts & Massimiliano Oldani at Infiltrate 2011 (16th-17th April 2011)
• Popping Çú·â¤¹¤ë on A(ndroid)RM ÁõÃÖs Slides by Itzhak (Zuk) Avraham at HiTB AMS 2011 (19th-20th May 2011)
• Don¡Çt Root Robots Slides by Jon Oberheide & Zach Lanier at BSides Detroit 2011 (03rd-04th June 2011)
• A ÏÈÁÈ¤ß for on-ÁõÃÖ Æø¢ escalation °Î¶È¡¿ÍøÍѤ¹¤ë »à·º¼¹¹Ô on Android Link 1 Link 2 by Sebastian H?barth & Rene Mayrhofer at IWSSI 2011 (12th June 2011)
• Taming ¡Ê·Ù»¡¤Ê¤É¤Ø¤Î¡ËÌ©¹ð¡¤¹ðÁʡʾõ¡Ë-Stealing Smartphone »ÈÍÑ¡¿Å¬ÍÑs (on Android) Slides by Yajin Zhou, Xinwen Zhang, Xuxian Jiang & Vincent W. Freeh at TRUST 2011 (22nd-24th June 2011)
• AndBug - A Scriptable Debugger for Android¡Çs Dalvik »ö¼Â¾å¤Î Machine Slides by Scott Dunlop at Recon 2011 (08th-11th July 2011)
• This is REALLY not the Droid you¡Çre looking for WP ¥Ó¥Ç¥ª 1 ¥Ó¥Ç¥ª 2 APK ¤È¤¸¹þ¤ß¡¿Äó½Ð¤¹¤ë by Nicholas J. Percoco & Sean Schulte at Defcon 2011 (04th-07th August 2011)
• Seven Ways to Hang Yourself with Google Android Slides ¥Ó¥Ç¥ª 1 ¥Ó¥Ç¥ª 2 by Yekaterina Tsipenyuk O¡ÇNeil & Erika Chin at Defcon 2011 (04th-07th August 2011)
• Android malware is on the rise Slides by Timothy Armstrong at ¥¦¥¤¥ë¥¹ ¸ø¼°È¯É½ 2011 (05th-07th Oct 2011)
• ¡ÈI Know Kung-Fu!¡É: ʬÀϤ¹¤ëing Æ°¤­¤ä¤¹¤¤ Malware Slides by Alex Kirk at HiTB KUL 2011 (12th-13th October 2011)
• µÕž¤¹¤ëing Android Malware Slides by Mahmud Ab Rahman at HiTB KUL 2011 (12th-13th October 2011)
• °Î¶È¡¿ÍøÍѤ¹¤ëing Androids for Fun and Íø±×¡Ê¤ò¤¢¤²¤ë¡Ë Slides by Riley Hassell at HiTB KUL 2011 (12th-13th October 2011)
• Blackbox Android Slides by Marc Blanchou & Mathew Solnik at HiTB KUL 2011 (12th-13th October 2011)
• °ÂÁ´ ÌäÂ꡿ȯ¹Ô¤¹¤ës in Android Custom Rom¡Çs Slides by Anant Shrivastava at c0c0n 2011 (17th Oct 2011)
• ¡ÈI Know Kung-Fu!¡É: ʬÀϤ¹¤ëing Æ°¤­¤ä¤¹¤¤ Malware Slides by Alex Kirk at H2HC 2011 (29th-30th October 2011)
• How °ÂÁ´ is Broken? : Android ÆâÉô¤Îs and Malware ´¶À÷ ²ÄǽÀ­ Slides by Tsukasa Oi at PacSec 2011 (09th-10th November 2011)
• Yet Another Android Rootkit WP Slides by Tsukasa Oi at ¹õ¿Í¡¿¥Ü¥¤¥³¥Ã¥È Hat Abu Dhabi 2011 (14th-15th December 2011)
• Android: From µÕž¤¹¤ëing to Decompilation WP Slides by Anthony Desnos & Geoffroy Gueguen at ¹õ¿Í¡¿¥Ü¥¤¥³¥Ã¥È Hat Abu Dhabi 2011 (14th-15th December 2011)
• Bypassing the Android µö²Ä Model Slides by Georgia Weidman at Àڤ곫¤¯¡¿¥¿¥¯¥·¡¼¡¿ÉÔÀµ¥¢¥¯¥»¥¹ In Paris 2012 (18th-22nd June 2012)
• Android Malware Heuristics EN JP by Masata Nishida at AVTOKYO 2012 (17th November 2012)
• Android Mind Reading: Memory ¼èÆÀ¡¿Çã¼ý and ʬÀÏ with DMD and Volatility ¥Ó¥Ç¥ª Slides by Joe Sylve at Shmoocon 2012
• ¡Ê°­»ö¡¤ÈëÌ©¤Ê¤É¤ò¡Ëȯ¸«¤¹¤ëing Repackaged Smartphone »ÈÍÑ¡¿Å¬ÍÑs in Third-Party Android Marketplaces Slides by Wu Zhou, Yajin Zhou, Xuxian Jiang & Peng Ning at CODASPY 2012
• Dissecting Android Malware: Characterization and ¿Ê²½ Slides by Yajin Zhou & Xuxian Jiang at Oakland 2012
• RiskRanker: Scalable and Àµ³Î¤Ê ̵-day Android Malware ¡ÊÈȺᡤɵ¤¤Ê¤É¤Î¡Ëȯ¸« Slides by Michael Grace, Yajin Zhou, Qiang Zhang, Shihong Zou & Xuxian Jiang at MOBISYS 2012
• Sleeping Android : °Î¶È¡¿ÍøÍѤ¹¤ë through ³èÆ°Ää»ßÃæ¤Î µö²Ä Requests Slides by James Sellwood at SPSM 2013 (28th August 2012)
• Æ°¤­¤ä¤¹¤¤ °Î¶È¡¿ÍøÍѤ¹¤ë ÃÎǽ »ö¶È¡¿·×²è¡Ê¤¹¤ë¡Ë Slides ¥Ó¥Ç¥ª by Dan Guido & ¥Þ¥¤¥¯ Arpaia at SOURCE Boston 2012 (19th April 2012)
• The ·ã¤·¤¤ Metal That ÆÇ¡ÊÌô¡Ëd the Droid WP Slides ¥Ó¥Ç¥ª by Tyrone Erasmus at ¹õ¿Í¡¿¥Ü¥¤¥³¥Ã¥È Hat Europe 2012
• Dex Education: Practicing °ÂÁ´¤Ê Dex Slides by Tim Strazzere at ¹õ¿Í¡¿¥Ü¥¤¥³¥Ã¥È Hat USA 2012 (26th July 2012)
• ³ä¤ìÌÜing Open the Phone: An Android Malware ¼«Æ°²½¤¹¤ëd ʬÀÏ Primer Slides by Armando Orozco & Grayson Milbourne at RSA ²ñµÄ¡¿¶¨µÄ²ñ 2012
• Deceiving µö²Äs - »ÙÇÛ¤¹¤ës for Android Malware ¡ÊÈȺᡤɵ¤¤Ê¤É¤Î¡Ëȯ¸« Slides by Vanja Svajcer at RSA ²ñµÄ¡¿¶¨µÄ²ñ 2012
• UI À§Àµ¤¹¤ëing Attacks on Android ÁõÃÖs WP Slides by Marcus Niemietz at ¹õ¿Í¡¿¥Ü¥¤¥³¥Ã¥È Hat Abu Dhabi 2012
• ¼è¤êÁȤàing the Android Challenge Slides by Joshua J. Drake at RuxconBreakpoint 2012
• ¸º¤º¤ëing the Window of ŬÀڤʻþ´ü for Android Malware Slides by Axelle Apvrille & Tim Strazzere at EICAR ²ñµÄ¡¿¶¨µÄ²ñ (May 2012)
• Guns and Smoke to ÇÔËÌ¡¦É餫¤¹ Æ°¤­¤ä¤¹¤¤ Malware Slides by Axelle Apvrille at HashDays 2012 (November 2012)
• Mapping & ¿Ê²½ of Android µö²Äs Slides by Zach Lanier & Andrew Reiter at CounterMeasure 2012
• Into The Droid - ¿­¤Ó¡Ê¤ë¡Ëing Àܶá to Android »ÈÍÑ¼Ô Data Slides by Thomas Âçˤ at Defcon 20 2012
• Dissecting the Android Bouncer Slides by Jon Oberheide and Charlie Miller at SummerCon 2012
• Physical ±¿Æ°-by Downloads Slides by Kyle Osborn at DerbyCon 2012
• ¥­¥Ä¥Ä¥­ - Systematic ¡ÊÈȺᡤɵ¤¤Ê¤É¤Î¡Ëȯ¸« of ǽÎÏ Ï³¤ì¤ës in ºß¸Ë¡¿³ô Android Smartphones Slides by Michael Grace, Yajin Zhou, Zhi Wang, Xuxian Jiang at NDSS 2012
• Android - Bytecode Obfuscation bringing x86 fuckups to dalvik Slides by Patrick Schulz
• Android »ÈÍÑ¡¿Å¬ÍÑ µÕž¤¹¤ë ¹©³Ø & ÊÛ¸îs Slides by Patrick Schulz & Felix Matenaar at SOURCE Dublin 2013
• Armor for your Android Apps ¥Ó¥Ç¥ª by Roman Faynberg at Shmoocon 2013
• µÞ®¤Ê¡¿ÊüÆ¢¤Ê, Scalable ¡ÊÈȺᡤɵ¤¤Ê¤É¤Î¡Ëȯ¸« of ¡ÈPiggybacked¡É Æ°¤­¤ä¤¹¤¤ »ÈÍÑ¡¿Å¬ÍÑs Slides by Wu Zhou, Yajin Zhou, Michael Grace, Xuxian Jiang & Shihong Zou at CODASPY 2013
• Playing Hide and Áܤ·½Ð¤¹ with Dalvik Executables Slides by Axelle Apvrille at Hacktivity 2013
• PatchDroid: Scalable Third-Party °ÂÁ´ Patches for Android ÁõÃÖs Slides by Collin Mulliner, Jon Oberheide, William Robertson & Engin Kirda
• Android OEM¡Çs »ÈÍÑ¡¿Å¬ÍÑs (in)°ÂÁ´ and backdoors without µö²Ä Slides by Andr? Moulu
• The ¾×·â of Vendor Customizations on Android °ÂÁ´ Slides by Lei Wu, Michael Grace, Yajin Zhou, Chiachih Wu & Xuxian Jiang at Computer and Communications °ÂÁ´ 2013
• An Android Hacker¡Çs ι¹Ô: Challenges in Android °ÂÁ´ ¸¦µæ Slides by Joshua J. Drake at CanSecWest 2013
• Nifty stuff that you can still do with Android Slides by Xavier ¡ÆxEU¡Ç ¥Ä¥Ð¥á at HES 2013 (2nd May 2013)
• Android: From ¤ä¤¸ to Pwning Slides by Acexor at HackMiami 2013 (July 2013)
• The Droid ³«È¯¡¿ÍøÍÑ SAGA Slides by ADITYA GUPTA & SUBHO HALDER at RSA Asia-ÂÀÊ¿ÍΤΠ²ñµÄ¡¿¶¨µÄ²ñ 2013
• How to Build a SpyPhone WP Slides by Kevin McNamee at BlackHat USA 2013
• Lets Play Applanting WP Slides by Ajit Hatti at BlackHat Europe 2013
• Off Grid communications with Android WP Slides by Josh Thomas at BlackHat Europe 2013
• Android: ONE ROOT TO OWN THEM ALL Slides by Jeff Forristal at BlackHat USA 2013
• ABUSING WEB APIS THROUGH SCRIPTED ANDROID APPLICATIONS WP Slides by Daniel ¤Ä¤Ä¤¯¡¿¥Ú¥Ã¥¯ at BlackHat USA 2013
• µÕž¤¹¤ëing and Auditing Android¡Çs Proprietary Bits Slides by Joshua J. Drake at Recon 2013 (23rd June 2013)
• Android games + ²òÊü¤¹¤ë¡¿¼«Í³¤Ê Wi-Fi = Privacy ϳ¤ì¤ë Slides by Takayuki Sugiura & Yosuke Hasegawa at PacSec 2013
• ÇÔËÌ¡¦É餫¤¹ing the ÊÝ¸î µ¡³£ÁõÃÖ on Android ÃÅ¡¦¹ËÎΡ¦¸øÌó? Slides by Tim Xia at PacSec 2013
• ÇÔËÌ¡¦É餫¤¹ing °ÂÁ´ Enhancements (SE) for Android Slides by Pau Oliva Fora at Defcon 2013
• Playing Hide and Áܤ·½Ð¤¹ with Dalvik Executables Slides by Axelle Apvrille at Àڤ곫¤¯¡¿¥¿¥¯¥·¡¼¡¿ÉÔÀµ¥¢¥¯¥»¥¹.Lu 2013 (October 2013)
• ÍðÍÑing Dalvik Beyond ¾µÇ§ Slides by Jurriaan Bremer at Àڤ곫¤¯¡¿¥¿¥¯¥·¡¼¡¿ÉÔÀµ¥¢¥¯¥»¥¹.Lu 2013 (October 2013)
• GTA Phishing with µö²Ä Slides by Tom Leclerc and Joany Boutet at Àڤ곫¤¯¡¿¥¿¥¯¥·¡¼¡¿ÉÔÀµ¥¢¥¯¥»¥¹.Lu 2013 (October 2013)
• Android: Game of Obfuscation Slides by Jurriaan Bremer & Rodrigo Chiossi at H2HC 2013
• ¼«Æ°²½¤¹¤ëd ʬÀÏ and Deobfuscation of Android Apps & Malware Slides by Jurriaan Bremer at AthCon 2013
• Android DDI: Introduction to Dynamic Dalvik Instrumentation Slides by Collin Mulliner at HiTB KUL 2013 (October 2013)
• TraceDroid: A µÞ®¤Ê¡¿ÊüÆ¢¤Ê and ´°Á´¤Ë¤¹¤ë Android Method ÄÉÀ×¼Ô Slides by ¾¡Íø¼Ô ÀèƬ der Veen at HiTB KUL 2013 (October 2013)
• DEX EDUCATION 201 ANTI-EMULATION Slides by Tim Strazzere at HITCON 2013 (19th July 2013)
• Android Hooking Attack Slides by Minpyo Hong & Dongcheol Hong at HITCON 2013 (19th July 2013)
• Review of °ÂÁ´ Vulnerabilities on the Android ÃÅ¡¦¹ËÎΡ¦¸øÌó Slides by Claud Xiao at HITCON 2013 (19th July 2013)
• Escaping Android Dynamic ʬÀÏ; Chinese New Year Train Ticket Ordering Day Slides by ìä? & ÐäĶ at HITCON 2013 (19th July 2013)
• Droid ·ãÅܡʤ¹¤ë¡Ë - Android ³«È¯¡¿ÍøÍÑ on steroids Slides by Pablo ñÆȤΠ& Agustin Gianni at EkoParty 2013
• TaintDroid - An ¡Ê·Ù»¡¤Ê¤É¤Ø¤Î¡ËÌ©¹ð¡¤¹ðÁʡʾõ¡Ë-Flow Àפò¤Ä¤±¤ëing System for Realtime Privacy ´Æ»ë¤¹¤ëing on Smartphones Slides by William Enck, et. al at OSDI¡Ç10
• Android °ÂÁ´ Vulnerabilities and °Î¶È¡¿ÍøÍѤ¹¤ës Slides by Justin »öÎã¡¿´µ¼Ô at XDA Devcon 2013
• ¹½Â¤¾å¤Î ¡ÊÈȺᡤɵ¤¤Ê¤É¤Î¡Ëȯ¸« of Android Malware using Embedded Call Graphs Slides by Hugo Gascon, Fabian Yamaguchi, Daniel Arp & Konrad Rieck at AiSec 2013
• ¾ÜºÙ¡Ê¤Ë½Ò¤Ù¤ë¡Ë of CVE-2013-4787(Master ½ÅÍ×¤Ê Vulnerability) Slides by Masata Nishida at AVTOKYO 2013.5 (16th February 2014)
• Android Anti-Ë¡Äî¤Îs: ½¤Àµ¤¹¤ëing CyanogenMod Link 1 Link 2 by Karl-Johan Karlsson, William Bradley Glisson at HICSS 2014 (Jan 2014)
• Æ°¤­¤ä¤¹¤¤ ʬÀÏ Kung Fu, Santoku Style Slides by Andrew Hoog & Sebasti?n Guerrero at RSA ²ñµÄ¡¿¶¨µÄ²ñ 2014 (24th-28th February)
• Beginners Guide to µÕž¤¹¤ë ¹©³Ø Android Apps Slides by Pau Oliva Fora at RSA ²ñµÄ¡¿¶¨µÄ²ñ 2014 (24th-28th February)
• Touchlogger on iOS and Android Slides by Neal Hindocha & Nathan McCauley at RSA ²ñµÄ¡¿¶¨µÄ²ñ 2014 (24th-28th February)
• Predatory Àڤ곫¤¯¡¿¥¿¥¯¥·¡¼¡¿ÉÔÀµ¥¢¥¯¥»¥¹ing of Æ°¤­¤ä¤¹¤¤: Real ¥Ç¥âs Slides by Jeff Forristal at RSA ²ñµÄ¡¿¶¨µÄ²ñ 2014 (24th-28th February)
• µÕž¤¹¤ë ¹©³Ø, Pentesting and Hardening of Android Apps Slides by Marco Grassi at DroidCon 2014
• DREBIN: ¸ú²ÌŪ¤Ê and Explainable ¡ÊÈȺᡤɵ¤¤Ê¤É¤Î¡Ëȯ¸« of Android Malware in Your Pocket Slides by Daniel Arp, Michael Spreitzenbarth, Malte Hubner, Hugo Gascon & Konrad Rieck at NDSS 2014 (23rd-26th Feb 2014)
• ¿ë¹Ô¤¹¤ë¡¿È¯¸ú¤µ¤»¤ë This! ʬÀϤ¹¤ëing ´í¸±¤Ê and Malicious Dynamic Code Ééôing in Android »ÈÍÑ¡¿Å¬ÍÑs Slides by Sebastian Poeplau, Yanick Fratantonio, Antonio Bianchi, Christopher Kruegel, Giovanni Vigna at NDSS 2014 (23rd-26th Feb 2014)
• AppSealer: (a)¼«Æ°Åª¤Ê¡¿(n)¼«Æ°·ý½Æ À¤Âå of Vulnerability-ÌÀ³Î¤Ê¡¿ºÙÉô Patches for ˸¤²¤ëing ¹½À®Í×ÁÇ ¥Ï¥¤¥¸¥ã¥Ã¥¯ Attacks in Android »ÈÍÑ¡¿Å¬ÍÑs Slides by Mu Zhang, Heng Yin at NDSS 2014 (23rd-26th Feb 2014)
• SMV-Hunter: Large µ¬ÌÏ, ¼«Æ°²½¤¹¤ëd ¡ÊÈȺᡤɵ¤¤Ê¤É¤Î¡Ëȯ¸« of SSL/TLS Man-in-the-Middle Vulnerabilities in Android Apps Slides by David Sounthiraraj, Justin Sahs, Zhiqiang Lin, Latifur ι½ÉÇñ½ê, Garrett Greenwood at NDSS 2014 (23rd-26th Feb 2014)
• AirBag: ¾å¤²¤ëing Smartphone Äñ¹³ to Malware ´¶À÷ Slides by Chiachih Wu, Yajin Zhou, Kunal Patel, Zhenkai Liang, Xuxian Jiang at NDSS 2014 (23rd-26th Feb 2014)
• Inside ¿¦¶È: Understanding and Mitigating the ¶¼¤· of ³°Éô¤Î ÁõÃÖ Mis-Binding on Android Slides by Muhammad Naveed, Xiaoyong Zhou, Soteris Demetriou, XiaoFeng Wang, Carl Gunter at NDSS 2014 (23rd-26th Feb 2014)
• Screenmilker: How to Milk Your Android ¿³ºº¤¹¤ë for Secrets Slides by Chia-Chi Lin, Hongyang Li, Xiaoyong Zhou, XiaoFeng Wang at NDSS 2014 (23rd-26th Feb 2014)
• PREC: Practical Root °Î¶È¡¿ÍøÍѤ¹¤ë Éõ¤¸¹þ¤á¡ÊÀ¯ºö¡Ë for Android ÁõÃÖs Slides by Tsung-Hsuan Çä½ÕÉØ, Daniel Dean, Xiaohui Gu, William Enck at CODASPY 2014 (March 2014 )
• Compac: »Ü¹Ô¤¹¤ë ¹½À®Í×ÁÇ Level ÀÜ¶á »ÙÇۡʤ¹¤ë¡Ë¡¿ÅýÀ©¤¹¤ë in Android Slides by Yifei Wang, Srinivas Hariharan, Chenxi Zhao, Jiaming Liu and Wenliang Du at CODASPY 2014 (March 2014 )
• DIVILAR: Diversifying Ãæ´Ö¤Î Language for Anti-Repackaging on Android ÃÅ¡¦¹ËÎΡ¦¸øÌó Slides by Wu Zhou, Zhi Wang, Yajin Zhou and Xuxian Jiang at CODASPY 2014 (March 2014 )
• Systematic Audit of Thirty-Party Android Phones Slides by Michael Mitchell, Guanyu Tian and Zhi Wang at CODASPY 2014 (March 2014 )
• DroidBarrier: Know What is ¿ë¹Ô¤¹¤ë¡¿È¯¸ú¤µ¤»¤ëing on Your Android Slides by Hussain Almohri, Danfeng Yao and Dennis Kafura at CODASPY 2014 (March 2014 )
• Pre-Ǥ̿¤¹¤ë¡¿Æ³Æþ¤¹¤ëd Android »ÈÍÑ¡¿Å¬ÍÑ ÆÇ¡ÊÌô¡Ëing Link 1 Link 2 by Yoshitaka Kato at AppSecAsiaPac 2014 (17th-20th March 2014 )
• ·ãÅܡʤ¹¤ë¡Ë Against the »ö¼Â¾å¤Î Machine: ˸¤²¤ëing Dynamic ʬÀÏ of Android Malware Link 1 Link 2 by Thanasis Petsas, Giannis Voyatzis, Elias Athanasopoulos, Sotiris Ioannidis, Michalis Polychronakis at EuroSec 2014 (13th April 2014 )
• Pentesting Android »ÈÍÑ¡¿Å¬ÍÑs Slides by Cl?udio Andr? at Confraria Seguran?a PT 5/2014 (May 2014 )
• From Zygote to Morula: ËÉÈ÷¤ò·ø¤á¤ë¡¿¶¯²½¤¹¤ëing ¼å¤á¤ëd ASLR on Android Slides by Byoungyoung ʪ±¢¡¿É÷²¼, Long Lu, Tielei Wang, Taesoo Kim, Wenke ʪ±¢¡¿É÷²¼ at Oakland 2014 (May 2014 )
• ¾º³Êing Your Android, Elevating My Malware: Æø¢ Escalation Through Æ°¤­¤ä¤¹¤¤ OS Updating Slides by Luyi Xing, Xiaorui Pan, Rui Wang, Kan Yuan, XiaoFeng Wang at Oakland 2014 (May 2014 )
• The ´í¸±¡¤´í¤Ê¤¯¤¹¤ë of Fragmentation: °ÂÁ´ Hazards in Android ÁõÃÖ Driver Customizations Slides by Xiaoyong Zhou, Yeonjoon ʪ±¢¡¿É÷²¼, Nan Zhang, Muhammad Naveed, Xiaofeng Wang at Oakland 2014 (May 2014 )
• Tricks for image °·¤¦ing in Android Slides by Tyrone Nicholas at DroidCon Berlin 2014 (08th-10th May 2014)
• ÃÏ°Ì¡¤Ç¤Ì¿¤¹¤ë-Mortem Memory ʬÀÏ of Îäø¤Ê-Booted Android ÁõÃÖs Link 1 Link 2 by Christian Hilgers, Holger Macht, Tilo Muller, Michael Spreitzenbarth at ¹ñºÝÄ̲ߴð¶â 2014 (12th-14th May 2014 )
• ¿ë¹Ô¤¹¤ë¡¿È¯¸ú¤µ¤»¤ë this! Looking into code-Ééôing techniques on Android Slides by Sebastian Poeplau, Yanick Fratantonio, Antonio Bianchi, Christopher Kruegel, Giovanni Vigna at Honeynet »ö¶È¡¿·×²è¡Ê¤¹¤ë¡Ë Workshop 2014 (12th-14th May 2014 )
• °Î¶È¡¿ÍøÍѤ¹¤ëing the Bells and Whistles: ˽Ϫ¤¹¤ëing OEM Vulnerabilities in Android Slides by Jake Valletta at CarolinaCon 10 2014 (16th-18th May 2014 )
• Enter Sandbox: Android Sandbox Comparison WP Slides by Sebastian Neuner, ¾¡Íø¼Ô ÀèƬ der Veen, Martina Lindorfer, Markus Huber, Georg Merzdovnik, ¥Ä¥Ð¥á Mulazzani and Edgar Weippl at MOBILE SECURITY TECHNOLOGIES 2014 (17th May 2014 )
• An »ÈÍÑ¡¿Å¬ÍÑ °ì³ç Configuration Approach to Mitigating Android SSL Vulnerabilities Slides by Vasant Tendulkar and William Enck at MOBILE SECURITY TECHNOLOGIES 2014 (17th May 2014 )
• Andlantis: Large-µ¬ÌÏ Android Dynamic ʬÀÏ WP Slides by Michael Bierma, Eric Gustafson, Jeremy Erickson, David Fritz and Yung Ryn Choe at MOBILE SECURITY TECHNOLOGIES 2014 (17th May 2014 )
• A Systematic °ÂÁ´ Evaluation of Android¡Çs Multi-»ÈÍÑ¼Ô ÏÈÁÈ¤ß WP Slides by Paul Ratazzi, Yousra Aafer, Amit Ahlawat, Hao Hao, Yifei Wang and Wenliang Du at MOBILE SECURITY TECHNOLOGIES 2014 (17th May 2014 )
• Sprobes: »Ü¹Ô¤¹¤ëing Kernel Code ÀµÄ¾¤µ on the TrustZone Architecture WP Slides by Xinyang Ge, Hayawardh Vijayakumar and Trent Jaeger at MOBILE SECURITY TECHNOLOGIES 2014 (17th May 2014 )
• ÌÀ¸À¤¹¤ë¡¿¸øɽ¤¹¤ë of the Art - Ä´ºº¤¹¤ëing the New Android KitKat Runtime Slides by Paul Sabanal at HiTB Amsterdam 2014 (29th-30th May 2014 )
• Èò¤±¤ëing Android Runtime ʬÀÏ ·Ðͳ¤Ç Sandbox ¡ÊÈȺᡤɵ¤¤Ê¤É¤Î¡Ëȯ¸« Slides by Timothy Vidas, Nicolas Christin at AsiaCCS 2014 (04th-06th June 2014 )
• VirtualSwindle: An ¼«Æ°²½¤¹¤ëd Attack Against In-App Ë¡°Æing on Android Slides by Collin Mulliner, William Robertson, Engin Kirda at AsiaCCS 2014 (04th-06th June 2014 )
• DroidRay: A °ÂÁ´ Evaluation System for Customized Android Firmwares Slides by Min Zheng, Mingshen Sun, John C.S. Lui at AsiaCCS 2014 (04th-06th June 2014 )
• APKLancet: Tumor Payload Diagnosis and Purification for Android »ÈÍÑ¡¿Å¬ÍÑs Slides by Wenbo Yang, Juanru Li, Yuanyuan Zhang, Yong Li, Junliang Shu, Dawu Gu at AsiaCCS 2014 (04th-06th June 2014 )
• BREAKING THROUGH THE BOTTLENECK: MOBILE MALWARE IS OUTBREAK SPREADING LIKE WILDFIRE Slides (Password:HIP2014Thomas) by Thomas Wang at HackInParis 2014 (23rd-27th June 2014 )
• Android Packers:Separating from the pack Slides by Ruchna Nigam at area41 °ÂÁ´ ²ñµÄ¡¿¶¨µÄ²ñ 2014 (June 2014 )
• Á°¿Ê¤¹¤ëd Bootkit Techniques on Android Slides by Chen Zhangqi & Shen Di at SyScan360 2014 (16th-17th July 2014 )
• Click and Dragger: ÈÝÄê and Deception on Android Æ°¤­¤ä¤¹¤¤ Slides by thegrugq at SyScan360 2014 (16th-17th July 2014)
• Android FakeID Vulnerability Walkthrough Slides by Jeff Forristal at BlackHat USA 2014 (06th-07th August 2014)
• Understanding IMSI Privacy Slides by Ravishankar Borgaonkar & Swapnil Udar at BlackHat USA 2014 (06th-07th August 2014)
• Sidewinder Ūd Attack Against Android In The Golden Age Of AD LIBS Slides by Tao Wei & Yulong Zhang at BlackHat USA 2014 (06th-07th August 2014)
• ¸¦µæing Android ÁõÃÖ °ÂÁ´ With The Help Of A Droid Army Slides by Joshua Drake at BlackHat USA 2014 (06th-07th August 2014)
• Reflection On ¿®ÍÑing Trustzone WP Slides by Dan Rosenberg at BlackHat USA 2014 (06th-07th August 2014)
• MyY Google Glass Sees Your Passwords! WP Slides by Xinwen Fu & Qinggang Yue & Zhen Ling at BlackHat USA 2014 (06th-07th August 2014)
• ºÙ˦¤Î ³«È¯¡¿ÍøÍÑ On A Á´À¤³¦¤Î µ¬ÌÏ: The Rise And Íî¤Á¤ë Of The Ccontrol µÄÄê½ñ Slides by Mathew Solnik & Marc Blanchou at BlackHat USA 2014 (06th-07th August 2014)
• Android Hacker Êݸî Level 0 WP Source code by Tim Strazzere & Jon Sawyer at Defcon 22 2014 (07th-10th August 2014)
• ¶õÂÐÃϥߥµ¥¤¥ë: A Programmable Interface for ±äŤ¹¤ëing Android °ÂÁ´ Slides by Stephan Heuser, Adwait Nadkarni, William Enck, Ahmad-Reza Sadeghi at 23rd USENIX °ÂÁ´ ƤÏÀ²ñ (20th-22th August 2014)
• Peeking into Your App without ¸½¼Â¤Ë Seeing it: UI ÌÀ¸À¤¹¤ë¡¿¸øɽ¤¹¤ë Inference and Novel Android Attacks Slides by Qi Alfred Chen, Zhiyun Qian, Z. Morley Mao at 23rd USENIX °ÂÁ´ ƤÏÀ²ñ (20th-22th August 2014)
• Insecure ÆâÉô¤Î Ãù¢ in Android WP Source code by Claud Xiao at Hitcon 2014 (19th-22th August 2014)
• Guess Where I am-AndroidÌÏ?´ï?ÈòŪ??Í¿?? WP Source code by ¸Õʸ·¯ & Claud Xiao at Hitcon 2014 (19th-22th August 2014)
• On the ¼Â¸½²Äǽ of Automa3cally À¸À®¤¹¤ëing Android ¹½À®Í×ÁÇ ¥Ï¥¤¥¸¥ã¥Ã¥¯ °Î¶È¡¿ÍøÍѤ¹¤ës Slides by Wu Daoyuan at Hitcon 2014 (19th-22th August 2014)
• Play Flappy Bird while you pentest Android in style Slides by Chris Liu & Matthew Lionetti at Hitcon 2014 (19th-22th August 2014)
• Android ´è¸ÇÌÚÇϾ︫¼êË¡çÐÀ¶Íý Slides by ìä? at Hitcon 2014 (19th-22th August 2014)
• Find your own Android kernel bug Slides by Êý²È¹° at ¡ÖAndroid root µ»?º»?¡× 2014 (23rd August 2014)
• root Ū?Çò»öѹ Slides by Mick at ¡ÖAndroid root µ»?º»?¡× 2014 (23rd August 2014)
• rootµ»?Í¿Android?ÍÑ?? Slides by ?ͦºö at ¡ÖAndroid root µ»?º»?¡× 2014 (23rd August 2014)
• ½Ö?ÇúßÚ¡ªRootÙÜ?Ū¼ê´ù Slides by ¿½íì at ¡ÖAndroid root µ»?º»?¡× 2014 (23rd August 2014)
• Bypassing wifi »Ùʧ¤¦¡¿Ä¶â-ʽ¤Ç°Ï¤às with Android Slides by Pau Oliva Fora at RootedCon 2014 (19th-20th September 2014)
• A ʬÇÛ¤¹¤ëd approach to malware ʬÀÏ Link 1 Link 2 by Daan Raman at BruCON 0x06 - 2014 (25th-26th September 2014)
• Á°¿Ê¤¹¤ëd Tracing and ´Æ»ë¤¹¤ëing of Android »ÈÍÑ¡¿Å¬ÍÑs Slides by Zsombor Kov?cs ¿¯Æþ¡¿¿»Æ© tester, Gerg? K?penczei at Hacktivity 2014 (10th-11th October 2014)
• Enter The Snapdragon! Slides by Daniel Komaromy at Hacktivity 2014 (10th-11th October 2014)
• Android Ë¡Äî¤Îs: The Joys of JTAG Slides by tty0x80 at Ruxcon 2014 (11th-12th October 2014)
• TACKYDROID: Pentesting Android »ÈÍÑ¡¿Å¬ÍÑs in Style slides by Chris Liu & Matthew Lionetti at HiTB KUL 2014 (15th-16th October 2014)
• BREAKING ¡ÈSECURE¡É MOBILE APPLICATIONS Slides by Dominic Chell at HiTB KUL 2014 (15th-16th October 2014)
• Hide Android »ÈÍÑ¡¿Å¬ÍÑs in Images WP Slides by Axelle Apvrille & Ange Albertini at BlackHat Europe 2014 (14th-17th October 2014)
• MAN IN THE BINDER: HE À¤³¦ÊÝ·òµ¡¹½ CONTROLS IPC, CONTROLS THE DROID WP Slides by Nitay Artenstein & Idan Revivo at BlackHat Europe 2014 (14th-17th October 2014)
• Æ°¤­¤ä¤¹¤¤ Àڤ곫¤¯¡¿¥¿¥¯¥·¡¼¡¿ÉÔÀµ¥¢¥¯¥»¥¹ing ? µÕž¤¹¤ë ¹©³Ø the Android OS Slides by Tom Updegrove at HackerHalted 2014 (16th-17th October 2014)
• Vaccinating Android Slides by Milan Gabor & Danjel Grah at GrrCon 2014 (16th-17th October 2014)
• Making Android¡Çs Bootable ²óÉü Work For You Slides by Drew Suarez at EkoParty 2014 (29th-31st October 2014)
• An Infestation of Dragons: Ä´ºº¤¹¤ëing Vulnerabilities in the ARM TrustZone Architecture Slides by Josh ¡Èm0nk¡É Thomas, Charles Holmes & Nathan Keltner at PacSec Japan 2014 (12th-13th November 2014)
• Hey, we catch you - dynamic ʬÀÏ of Android »ÈÍÑ¡¿Å¬ÍÑs Slides by Wenjun Hu at PacSec Japan 2014 (12th-13th November 2014)
• Steroids for your App °ÂÁ´ ººÄ꡿ɾ²Á Slides by Marco Grassi at ZeroNights 2014 (13th-14th November 2014)
• Racing with DROIDS Slides by Peter Hlavaty at ZeroNights 2014 (13th-14th November 2014)
• È¿ÂФ¹¤ëing Æ°¤­¤ä¤¹¤¤ malware in CSP¡Çs ÌÖ¾õÁÈ¿¥ Android honeypot as anti-º¾µ½ ²òÅú Slides by Denis Gorchakov, Nikolay Goncharov at ZeroNights 2014 (13th-14th November 2014)
• Creating a kewl and simple Cheating ÃÅ¡¦¹ËÎΡ¦¸øÌó on Android Slides by Milan Gabor & Danijel Grah at DeepSec 2014 (18th-21st November 2014)
• ¡Ê·Ù»¡¤Ê¤É¤Ø¤Î¡ËÌ©¹ð¡¤¹ðÁʡʾõ¡Ë-Flow ʬÀÏ of Android »ÈÍÑ¡¿Å¬ÍÑs in DroidSafe Slides by Michael I. Gordon, Deokhwan Kim, Jeff Perkins, Limei Gilham, Nguyen Nguyen and ¥Ä¥Ð¥á Rinard at NDSS ƤÏÀ²ñ 2015 (08th-11th February 2015)
• What¡Çs in Your Dongle and Bank Account? µÁ̳Ū¤Ê and Discretionary Êݸî of Android ³°Éô¤Î »ñ¸»s Slides by Soteris Demetriou, Xiaoyong Zhou, Muhammad Naveed, Yeonjoon ʪ±¢¡¿É÷²¼, Kan Yuan, XiaoFeng Wang and Carl A Gunter at NDSS ƤÏÀ²ñ 2015 (08th-11th February 2015)
• EdgeMiner: Automatically ¡Ê°­»ö¡¤ÈëÌ©¤Ê¤É¤ò¡Ëȯ¸«¤¹¤ëing Implicit »ÙÇۡʤ¹¤ë¡Ë¡¿ÅýÀ©¤¹¤ë Flow °Ü¹Ôs through the Android ÏÈÁÈ¤ß Slides by Yinzhi Cao, Yanick Fratantonio, Antonio Bianchi, Manuel Egele, Christopher Kruegel, Giovanni Vigna and Yan Chen at NDSS ƤÏÀ²ñ 2015 (08th-11th February 2015)
• CopperDroid: (a)¼«Æ°Åª¤Ê¡¿(n)¼«Æ°·ý½Æ ºÆ·ú of Android Malware ¹Ô°Ùs Slides by Kimberly Tam, Salahuddin J. ι½ÉÇñ½ê, Aristide Fattori and Lorenzo Cavallaro at NDSS ƤÏÀ²ñ 2015 (08th-11th February 2015)
• DeepDroid: Dynamically »Ü¹Ô¤¹¤ëing ´ë¶È À¯ºö on Android ÁõÃÖs Slides by Xueqiang Wang, Kun Sun, Yuewu Wang and Jiwu Jing at NDSS ƤÏÀ²ñ 2015 (08th-11th February 2015)
• Android Malware and ʬÀÏ ¥Ó¥Ç¥ª by Shane Hartman at BSides Tampa 2015 (21st February 2015)
• Watch you lookin¡Ç at? Slides by Jahmel Harris & Owen Evans at Securi-Tay 2015 (27th February 2015)
• On Relaying NFC »Ùʧ¤¤¡Ê³Û¡Ë ½èÍý¡¿¼è°ús using Android ÁõÃÖs Slides by Ricardo J. Rodr?guez y & Jos? Vila at RootedCon 2015 (05th-07th March 2015)
• Android: »Ù±ç¤¹¤ë to the ̤Íè, Two or Too Slides by Ra?l Siles at RootedCon 2015 (05th-07th March 2015)
• DABID: The Powerful Interactive Android Debugger For Android Malware ʬÀÏ Slides by Jin-hyuk Jung & Jieun ʪ±¢¡¿É÷²¼ at BlackHat Asia 2015 (26th-27th March 2015)
• Hiding Behind Android Runtime (ART) Slides WP by Paul Sabanal at BlackHat Asia 2015 (26th-27th March 2015)
• Relaying EMV Contacless ½èÍý¡¿¼è°ús Using Off-The-Shelf Android ÁõÃÖs Slides WP by Jordi ÀèƬ den Breekel at BlackHat Asia 2015 (26th-27th March 2015)
• Resurrecting The READ_LOGS PERMISSION On Samsung ÁõÃÖs Slides WP by Ryan Johnson & Angelos Stavrou at BlackHat Asia 2015 (26th-27th March 2015)
• We Can Still ³ä¤ìÌÜ You! General Unpacking Method For Android Packer (NO ROOT) Slides by Yeongung Park at BlackHat Asia 2015 (26th-27th March 2015)
• Fuzzing the ¥Þ¥¹¥³¥ß ÏÈÁÈ¤ß in Android Slides by Alexandru Blanda at Android ·úÀ߶ȼÔs ¼óǾ²ñµÄ 2015 (23th-25th March 2015)
• Android OTA Updates Slides by Andrew Boie at Android ·úÀ߶ȼÔs ¼óǾ²ñµÄ 2015 (23th-25th March 2015)
• Lollipop MR1 Ω¾Ú¤¹¤ëd Boot Slides by Andrew Boie at Android ·úÀ߶ȼÔs ¼óǾ²ñµÄ 2015 (23th-25th March 2015)
• ÆÀ¤ë¡¤¤È¤é¤¨¤ë¡Çn Run, a simple and ¸ú²ÌŪ¤Ê Java Library for Android »ö¶È¡¿·×²è¡Ê¤¹¤ë¡Ës to °ÂÁ´¤Ê¡¦Êݾڤ¹¤ë dynamic code Ééôing Slides »ö¶È¡¿·×²è¡Ê¤¹¤ë¡Ë by Luca Falsina at DroidCon Italy 2015 (09th-10th April 2015)
• Android °ÂÁ´ - Data from the Frontlines Slides by Adrian Ludwig at RSA ²ñµÄ¡¿¶¨µÄ²ñ 2015 (20th-24th April 2015)
• How We Discovered Thousands of ¹¶·â¤ò¼õ¤±¤ä¤¹¤¤ Android Apps in 1 Day Slides by Joji Montelibano & Will Dormann at RSA ²ñµÄ¡¿¶¨µÄ²ñ 2015 (20th-24th April 2015)
• But¡Ä It¡Çs an App/Play Ãߤ¨¤ë¡¿Å¹ Download: ¸¦µæ Exposes Æ°¤­¤ä¤¹¤¤ App ·ç´Ùs Slides by Andrew Hoog & Ryan Welton at RSA ²ñµÄ¡¿¶¨µÄ²ñ 2015 (20th-24th April 2015)
• Live Æ°¤­¤ä¤¹¤¤ Àڤ곫¤¯¡¿¥¿¥¯¥·¡¼¡¿ÉÔÀµ¥¢¥¯¥»¥¹ing ¥Ç¥â and Dissection! Slides by Lior Ben-Porat, Rotem Salinas & Jason Rader at RSA ²ñµÄ¡¿¶¨µÄ²ñ 2015 (20th-24th April 2015)
• Digging for Android Kernel Bugs Slides by James Fang & Sen Nie at Qualcomm Æ°¤­¤ä¤¹¤¤ °ÂÁ´ ¼óǾ²ñµÄ 2015 (30th April to 1st May 2015)
• Android App ¡ÈÊݸî¡É Slides by Tim ¡Èdiff¡É Strazzere & Jon ¡ÈJustin »öÎã¡¿´µ¼Ô¡É Sawyer at Qualcomm Æ°¤­¤ä¤¹¤¤ °ÂÁ´ ¼óǾ²ñµÄ 2015 (30th April to 1st May 2015)
• Bypassing Android Binary Êݸîs Slides by Julian Berton at WAHCKon[2] Perth 2015 ²ñµÄ¡¿¶¨µÄ²ñ (2nd-3rd May 2015)
• Android malware code ºÆ»ÈÍѤ¹¤ë: myths and reality ¥Ó¥Ç¥ª by Natalia Stakhanova at 2015 Honeynet »ö¶È¡¿·×²è¡Ê¤¹¤ë¡Ë Workshop (18th-20th May 2015)
• Æ°¤­¤ä¤¹¤¤ Inception: a look inside modern ¥¹¥Ñ¥¤ malware ¥Ó¥Ç¥ª by Ryan Smith at 2015 Honeynet »ö¶È¡¿·×²è¡Ê¤¹¤ë¡Ë Workshop (18th-20th May 2015)
• How to Root 10 Million Phones with one °Î¶È¡¿ÍøÍѤ¹¤ë Slides by James Fang at MoSec 2015 (05th June 2015)
• What Can You Do To An APK Without Its »äŪ¤Ê ½ÅÍ×¤Ê Except Repacking? WP Slides by Peng Xiao at Blackhat Æ°¤­¤ä¤¹¤¤ °ÂÁ´ ¼óǾ²ñµÄ London 2015 (20th-21st June 2015)
• ÍðÍÑing Android Apps And ¿­¤Ó¡Ê¤ë¡Ëing Remote Code »à·º¼¹¹Ô Slides by Ryan Welton at Blackhat Æ°¤­¤ä¤¹¤¤ °ÂÁ´ ¼óǾ²ñµÄ London 2015 (20th-21st June 2015)
• Deconstructing KONY Android Apps WP Slides by Chris Weedon at Blackhat Æ°¤­¤ä¤¹¤¤ °ÂÁ´ ¼óǾ²ñµÄ London 2015 (20th-21st June 2015)
• ¸¡ºº¡¿»ë»¡¤¹¤ëing Data From The Safety Of Your ¿®ÍÑd »à·º¼¹¹Ô ´Ä¶­ WP Slides by John Williams at Blackhat Æ°¤­¤ä¤¹¤¤ °ÂÁ´ ¼óǾ²ñµÄ London 2015 (20th-21st June 2015)
• Æ°¤­¤ä¤¹¤¤ Malware - A ÌÖ¾õÁÈ¿¥ ¸«²ò¡Ê¤ò¤È¤ë¡Ë WP Slides by Kevin McNamee at Blackhat Æ°¤­¤ä¤¹¤¤ °ÂÁ´ ¼óǾ²ñµÄ London 2015 (20th-21st June 2015)
• Man in the (Android) Middleware Slides by Damien Cauquil at Nuit Du Àڤ곫¤¯¡¿¥¿¥¯¥·¡¼¡¿ÉÔÀµ¥¢¥¯¥»¥¹ 2015 (20th-21st June 2015)
• ÈȺá¤Î Profiling: Android Malware Slides by Axelle Apvrille at Nuit Du Àڤ곫¤¯¡¿¥¿¥¯¥·¡¼¡¿ÉÔÀµ¥¢¥¯¥»¥¹ 2015 (20th-21st June 2015)
• HITB LAB: Attacking Android Apps Slides by Tony Trummer at HiTB Amsterdam 2015 (28th-29th June 2015)
• Relay Attacks in EMV Contactless Cards with Android OTS ÁõÃÖs WP Slides by Ricardo J. Rodr?guez & Pepe Vila at HiTB Amsterdam 2015 (28th-29th June 2015)
• Fuzzing È¿ÂФ¹¤ës d¡ÇART: Digging Into the New Android L Runtime ÆâÉô¤Îs WP Slides by Anestis Bechtsoudis at HiTB Amsterdam 2015 (28th-29th June 2015)
• Eight Ou Two Æ°¤­¤ä¤¹¤¤ WP Slides by Matias Eissler at HiTB Amsterdam 2015 (28th-29th June 2015)
• Opcodes in Google Play: Tracing Malicious »ÈÍÑ¡¿Å¬ÍÑs Slides by Dr. Alfonso Mu?oz & Sergio de los Santos at HiTB Amsterdam 2015 (28th-29th June 2015)
• Is my app °ÂÁ´¤Ê¡¦Êݾڤ¹¤ë? Slides by Cl?udio Andr? & Herman Duarte at Bsides Lisbon 2015 (3rd July 2015)
• Androidº®Þµ»¹ªÍ¿È¿º®Þ Slides by ¾®ÇÈ at 2015°¤Î¤°ÂÁ´Êö²ñ (09th-10th July 2015)
• Æâ¸?¼Íºß°ÂÂîRootÍøÍÑÃæ Slides by ?ÎÉ at 2015°¤Î¤°ÂÁ´Êö²ñ (09th-10th July 2015)
• Android ?ÍÑÄø½øÄÌÍѼ«?æ?ÊýË¡¸¦µæ Slides by GoSSIP_SJTU at ?±¾2015ǯÇò˹»ÒÂç²ñ Wooyun ¼óǾ²ñµÄ 2015 (17th-18th July 2015)
• AH! UNIVERSAL ANDROID ROOTING IS BACK WP Slides by Wen Xu at Defcon 23 (05th-06th August 2015)
• ATTACKING YOUR TRUSTED CORE: EXPLOITING TRUSTZONE ON ANDROID WP Slides by Di Shen at Defcon 23 (05th-06th August 2015)
• CERTIFI-GATE: FRONT-DOOR ACCESS TO PWNING MILLIONS OF ANDROIDS WP Slides by Ohad Bobrov & Avi Bashan at Defcon 23 (05th-06th August 2015)
• FAUX DISK ENCRYPTION: REALITIES OF SECURE STORAGE ON MOBILE DEVICES WP by Daniel Mayer & Drew Suarez at Defcon 23 (05th-06th August 2015)
• FINGERPRINTS ON MOBILE DEVICES: ABUSING AND LEAKING WP Slides by Yulong Zhang & Tao Wei at Defcon 23 (05th-06th August 2015)
• FUZZING ANDROID SYSTEM SERVICES BY BINDER CALL TO ESCALATE PRIVILEGE WP Slides by Guang Gong at Defcon 23 (05th-06th August 2015)
• STAGEFRIGHT: SCARY CODE IN THE HEART OF ANDROID Slides by Joshua Drake at Defcon 23 (05th-06th August 2015)
• THIS IS DEEPERENT: TRACKING APP BEHAVIORS WITH (NOTHING CHANGED) PHONE FOR EVASIVE ANDROID MALWARE Slides by Yeongung Park & Jun Young Choi at Defcon 23 (05th-06th August 2015)
• QARK Slides by Tony Trummer & Tushar Dalvi at Defcon 23 (06th-09th August 2015)
• °ÂÁ´ Auditing Æ°¤­¤ä¤¹¤¤ Apps Slides by Sam Bowne at Defcon 23 (06th-09th August 2015)
• Own Your Android! Yet Another Á´À¤³¦¤Î¡¿Ëü¹ñ¶¦Ä̤ΠRoot WP by Wen Xu & Yubin Fu at WOOT 2015 (08th-11th August 2015)
• One Class to »ÙÇÛ¤¹¤ë Them All: 0-Day Deserialization Vulnerabilities in Android WP by Or Peles and µû¤ÎÍñ Hay at WOOT 2015 (08th-11th August 2015)
• New ¼èÆÀ¡¿Çã¼ý method based on firmware update µÄÄê½ñs for Android smartphones WP by Seung Jei Yang, Jung Çä½ÕÉØ Choi, Ki Bom Kim & Tae Joo Chang at DFRWS 2015 (09th-13th August 2015)
• ÌÖ¾õÁÈ¿¥ and ÁõÃÖ Ë¡Äî¤Î ʬÀÏ of Android social-messaging »ÈÍÑ¡¿Å¬ÍÑs WP by Daniel Walnycky, Ibrahim Baggili, Andrew Marrington, Frank Breitinger & Jason Moore at DFRWS 2015 (09th-13th August 2015)
• EASEAndroid: (a)¼«Æ°Åª¤Ê¡¿(n)¼«Æ°·ý½Æ À¯ºö ʬÀÏ and Refinement for °ÂÁ´ ¹â¤á¤ëd Android ·Ðͳ¤Ç Large-µ¬ÌÏ È¾Ê¬-´ÆÆĤ¹¤ëd Learning WP by Ruowen Wang, William Enck, Douglas Reeves, Xinwen Zhang, Peng Ning, Dingbang Xu, Wu Zhou, & Ahmed M. Azab at 24th USENIX °ÂÁ´ ƤÏÀ²ñ (12th-14th August 2015)
• Android µö²Äs Remystified: A Field ½Ï¹Í¤¹¤ë¡¿¹Íθ¤¹¤ë on Contextual ÀµÄ¾¤µ WP by Primal Wijesekera, Arjun Baokar, Ashkan Hosseini, Serge Egelman, David Wagner & Konstantin Beznosov at 24th USENIX °ÂÁ´ ƤÏÀ²ñ (12th-14th August 2015)
• You Shouldn¡Çt Collect My Secrets: ˸³²¤¹¤ëing ¶ËÅ٤οµ½Å¤µ¤òÍפ¹¤ë Keystroke ϳ¤ì in Æ°¤­¤ä¤¹¤¤ IME Apps WP by Jin Chen, Haibo Chen, Erick Bauman, Zhiqiang Lin, Binyu Zang & Haibing Guan at 24th USENIX °ÂÁ´ ƤÏÀ²ñ (12th-14th August 2015)
• Boxify: ½½Ê¬¤Ê-°é¤Æ¤ë¡¿ÁãΩ¤Äd App Sandboxing for ºß¸Ë¡¿³ô Android WP by Michael »Ù±ç¤¹¤ës, Sven Bugiel, Christian ÂçÂÇ·â¤òÍ¿¤¨¤ë, Oliver Schranz & Philipp ½Ð¿È¤Î Styp-Rekowsky at 24th USENIX °ÂÁ´ ƤÏÀ²ñ (12th-14th August 2015)
• LinkDroid: ¸º¤º¤ëing Unregulated Aggregation of App Usage ¹Ô°Ùs WP by Huan Feng, Kassem Fawaz, & Kang G. ¸þ¤³¤¦¤º¤Í at 24th USENIX °ÂÁ´ ƤÏÀ²ñ (12th-14th August 2015)
• PowerSpy: ¾ì½ê Àפò¤Ä¤±¤ëing Using Æ°¤­¤ä¤¹¤¤ ÁõÃÖ ÎÏ¡¿¶¯ÎϤˤ¹¤ë ʬÀÏ WP by Yan Michalevsky, Aaron Schulman, Gunaa Arumugam Veerapandian, Dan Boneh, & Gabi Nakibly at 24th USENIX °ÂÁ´ ƤÏÀ²ñ (12th-14th August 2015)
• ¤Ë¸þ¤«¤Ã¤Æ Discovering and Understanding »Å»ö ¥Ï¥¤¥¸¥ã¥Ã¥¯ in Android WP by Chuangang Ren, Yulong Zhang, Hui Xue, Tao Wei &Peng Liu at 24th USENIX °ÂÁ´ ƤÏÀ²ñ (12th-14th August 2015)
• SELinux in Android Lollipop and Android M Slides by Stephen Smalley at LSS2015 (25th August 2015)
• ioctl Ì¿Îá¡Ê¤¹¤ë¡Ë whitelisting in SELinux Slides by Jeff Vander Stoep at LSS2015 (25th August 2015)
• IMA/EVM on Android ÁõÃÖ Slides by Dmitry Kasatkin at LSS2015 (25th August 2015)
• ²þÁ±¤¹¤ëing Æ°¤­¤ä¤¹¤¤ °ÂÁ´ with Ë¡Äî¤Îs, app ʬÀÏ and big data Slides ¥Ó¥Ç¥ª by Andrew Hoog at Android °ÂÁ´ ƤÏÀ²ñ (09th-11th September 2015)
• Android °ÂÁ´ architecture Slides ¥Ó¥Ç¥ª by Nikolay Elenkov at Android °ÂÁ´ ƤÏÀ²ñ (09th-11th September 2015)
• Lessons from the ¤¶¤ó¹ès: An inside look at Android °ÂÁ´ Slides ¥Ó¥Ç¥ª by Nick Kralevich at Android °ÂÁ´ ƤÏÀ²ñ (09th-11th September 2015)
• Human factors in ƿ̾¤Î¡¿ÉÔÌÀ¤Î Æ°¤­¤ä¤¹¤¤ communication Slides ¥Ó¥Ç¥ª by Svenja Schr?der at Android °ÂÁ´ ƤÏÀ²ñ (09th-11th September 2015)
• Continuous ´í¸±-aware multi-modal authentication Slides ¥Ó¥Ç¥ª by Daniel Hintze, Rainhard Findling & Muhammad Muaaz at Android °ÂÁ´ ƤÏÀ²ñ (09th-11th September 2015)
• ººÄꤹ¤ë¡¿¡ÊÀǶâ¤Ê¤É¤ò¡Ë²Ý¤¹ing Android »ÈÍÑ¡¿Å¬ÍÑs using Ì¿Îá¡Ê¤¹¤ë¡Ë-line fu Slides ¥Ó¥Ç¥ª by Pau Oliva Fora at Android °ÂÁ´ ƤÏÀ²ñ (09th-11th September 2015)
• An infestation of dragons: Ä´ºº¤¹¤ëing vulnerabilities in the ARM TrustZone architecture Slides ¥Ó¥Ç¥ª by Josh Thomas & Charles Holmes at Android °ÂÁ´ ƤÏÀ²ñ (09th-11th September 2015)
• Using Android °ÂÁ´ for À¯¼£¤Î PKI: ŬÀڤʻþ´üs and challenges Slides by Pekka Laitinen at Android °ÂÁ´ ƤÏÀ²ñ (09th-11th September 2015)
• °ÂÁ´¤Ê¡¦Êݾڤ¹¤ë elements for you and me: A model for programmable °ÂÁ´¤Ê¡¦Êݾڤ¹¤ë ¶âʪÎà¡¿Éð´ïÎà in Æ°¤­¤ä¤¹¤¤ ecosystems Slides ¥Ó¥Ç¥ª by Alexandra Dmitrienko at Android °ÂÁ´ ƤÏÀ²ñ (09th-11th September 2015)
• Æ°¤­¤ä¤¹¤¤ ¶¼¤·s ½ÐÍè»ö/»ö·ï °·¤¦ing Slides ¥Ó¥Ç¥ª by Yonas Leguesse at Android °ÂÁ´ ƤÏÀ²ñ (09th-11th September 2015)
• ANANAS - ANalyzing ANdroid ApplicationS Slides by ¿©±ÂÎÅË¡¤·¤Æ¤¤¤ë¿Í Vymazal at Android °ÂÁ´ ƤÏÀ²ñ (09th-11th September 2015)
• How Google killed two-factor authentication Slides ¥Ó¥Ç¥ª by ¾¡Íø¼Ô ÀèƬ der Veen at Android °ÂÁ´ ƤÏÀ²ñ (09th-11th September 2015)

Æ»¶ñs

• 010Editor in ¹çƱ with the ¤Ë°ú¤­Â³¤¤¤Æ templates;
  • DEXTemplate
  • ELFTemplate
  • zImageTemplate
• ADBI
• AndBug
• Androguard
• Android Pattern Lock Cracker
• AndroidBackupExtractor
• AndroidBootImgTool
• Androwarn
• ApkTool
• BytecodeViewer
• dalvik-js
• Dalvik-Obfuscator
• dex2jar
• DexInfo
• DexInspector
• DexTools
• Droid InjectSO
• Drozer
• Introspy-Android
• JEB
• LDPreload
• ManiTree
• Playdrone : ¼«Æ°²½¤¹¤ëd App ʬÀÏ
• Procyon
• PyADB
• RootAdb
• SEPolicy-ÃíÆþ¤¹¤ë - Æ»¶ñ to ÃíÆþ¤¹¤ë SELinux »ÙÇÛ¤¹¤ës into binary kernel À¯ºös
• Smali
• Tapas
• TcpDumpHelper
• Volatility
• VTS
• Xposed

Debugging

• AndroidGDB

»ö¼Â¾å¤Î Machines (vms)

• Android-vm ? ½àÈ÷¡¿¾ò¹às ubuntu VM w/ ADT & ADK with Éâϲ¼Ô

»ÈÍÑ¡¿Å¬ÍÑ Level Stuff

• Androrat
• AntiLvl

Bootloader/̵Àþ¤ÇÄÌ¿®¤¹¤ë Æ»¶ñs

• hbootdbg
• Heimdall

Android Market Downloaders

• appland downloader (Node) - download apps from appland third party market
• aptoide downloader (Node) - download apps from aptoide third-party Android market
• google-play APIs (Node) - get app ¾ÜºÙ¡Ê¤Ë½Ò¤Ù¤ë¡Ës and download from Google Play Ãߤ¨¤ë¡¿Å¹
• google-play-crawler (Python) - get app ¾ÜºÙ¡Ê¤Ë½Ò¤Ù¤ë¡Ës and download from Google Play Ãߤ¨¤ë¡¿Å¹
• google-play-crawler (Java) - get app ¾ÜºÙ¡Ê¤Ë½Ò¤Ù¤ë¡Ës and download from Google Play Ãߤ¨¤ë¡¿Å¹

°Î¶È¡¿ÍøÍѤ¹¤ës

Root °Î¶È¡¿ÍøÍѤ¹¤ës

• psneuter by scotty2
• Exploid by Stealth
• GingerBreak by Stealth
• RageAgainstTheCage by Stealth
• KillingInTheNameOf by Stealth
• Zimperlich by Stealth
• Zergrush by ³×Ì¿¤Î
• Tacoroot by jcase
• Nachoroot by jcase
• Burritoroot by jcase
• Gorditaroot by jcase
• Enchilada by jcase
• ZTERoot (Avail) by jcase
• ZTERoot (Merrit) by jcase
• LG ICS Root by jcase
• DefyXT Root by jcase
• ÀÄ»À¥«¥ê by jcase
• LG Optmus ¥¨¥ê¡¼¥È by jcase
• HTC One X AT&T by jcase
• Droid 3 Root by bliss
• Motofail by bliss
• XYZ by bliss
• LG Spectrum Root by bliss
• Megatron by bliss
• LG Esteem Root by bliss
• Razr¡Çs ¿É¾¡¤¹¤ë¡¿Í¥°Ì by bliss
• Razr Blade by bliss
• Samsung Admire Root by bliss
• Thinkpad Tablet by bliss
• Sony Tablet S by bliss
• Xoomfail by bliss
• Motofail2Go by bliss
• XPRT by bliss
• Nandpwn by bliss
• Motochopper by bliss
• Exynos-ÍðÍÑ by alephzain
• IconiaRoot by alephzain
• levitator by Jon Larimer, Jon Oberheide
• asroot by zinx
• Samsung Infuse 4G by Michael Coppola
• libperf_event (CVE-2013-2094) by hiikezoe
• libfb_mem (CVE-2013-2596) by hiikezoe
• mempodroid by saurik/zx2c4
• towelroot by geohot
• activeroot by geohot

³Ë¿´ System °Î¶È¡¿ÍøÍѤ¹¤ës

• SmsSpoof
• Google Play Ë¡°Æing ¥Ï¥¤¥¸¥ã¥Ã¥¯¡Ê¤¹¤ë¡Ë
• ZeroSMS
• AndroidReboot
• ZipBugs
• WebView addJavascriptInterface Metasploit Module

Other °Î¶È¡¿ÍøÍѤ¹¤ës

• HTC ¥Ç¥ª¥­¥·¥ê¥Ü³Ë»À by jcase µö¤¹s ÂǤÁÌÀ¤±¤ëing
• X-Factor by bliss µö¤¹s change CID

³ä¤ìÌÜ-Mes

• 0CTF 2015 Quals CTF
• 2015°Ü?°ÂÁ´Ä©??
• 360°ÂÁ´Ä©?? 2014
• AliCTF 2014
• Asis CTF 2014
• Atast CTF 2012
• BCTF 2014
• C0C0N CTF 2011
• CircleCityCon 2014
• CodeGate CTF 2015
• CSAW CTF 2011
• CSAW CTF 2013
• CUIT 2014
• Cyber °ÂÁ´ Challenge 2015
• Defcon 19 CTF - Binary 300
• DEFKTHON CTF 2014
• DFIRCON East Smartphone Ë¡Äî¤Îs Challenge
• DRG Online Challenge September 2013
• Garage4Hackers July 2015 Æ°¤­¤ä¤¹¤¤ »ÈÍÑ¡¿Å¬ÍÑ CTF
• GreHack CTF 2012
• Àڤ곫¤¯¡¿¥¿¥¯¥·¡¼¡¿ÉÔÀµ¥¢¥¯¥»¥¹.Lu CTF 2011
• Àڤ곫¤¯¡¿¥¿¥¯¥·¡¼¡¿ÉÔÀµ¥¢¥¯¥»¥¹.Lu CTF 2013
• HackPlayer
• HCTF 2014
• Insomni¡ÇÀڤ곫¤¯¡¿¥¿¥¯¥·¡¼¡¿ÉÔÀµ¥¢¥¯¥»¥¹ CTF 2012
• Insomni¡ÇÀڤ곫¤¯¡¿¥¿¥¯¥·¡¼¡¿ÉÔÀµ¥¢¥¯¥»¥¹ CTF 2015
• JCTF 2014 ¶âÎͲʵ»ÇÕ
• MWR BSides Challenge 2013
• HDH2k14 Wargames
• Nuit Du Àڤ곫¤¯¡¿¥¿¥¯¥·¡¼¡¿ÉÔÀµ¥¢¥¯¥»¥¹ 2K12
• Nullcon HackIM CTF 2012
• Pico CTF 2014
• PoliCTF 2015
• Pragyan CTF 2015
• Qiwi CTF 2014
• Reddit CTF 2015
• SecuInside CTF 2011
• SU-CTF 2014
• tinyCTF 2014
• Wooyun ¼óǾ²ñµÄ 2015
• pnluck¡Çs Android SignMe
• deurus¡Çs Android Crackme01
• deurus¡Çs Android Crackme02
• deurus¡Çs Android Crackme03
• deurus¡Çs Android Crackme04
• Android °ÂÁ´ ʬÀÏ Challenge: Tampering Dalvik Bytecode During Runtime

Miscellaneous

• https://github.com/doridori/Android-°ÂÁ´-¸ÀµÚ¡¿´ØÏ¢
• https://github.com/dweinstein/android_notes/wiki
• https://github.com/trevd/android

Ä´½ñ¤ò¤È¤ë¡¿Í½Ì󤹤ës

• Practical Android ³«È¯¡¿ÍøÍÑ
• Android Hacker¡Çs Handbook
• Android °ÂÁ´ ÆâÉô¤Îs: An In-Depth Guide to Android¡Çs °ÂÁ´ Architecture
• Android Malware and ʬÀÏ
• The Æ°¤­¤ä¤¹¤¤ »ÈÍÑ¡¿Å¬ÍÑ Hacker¡Çs Handbook
• Android ÆâÉô¤Îs::ÎÏ¡¿¶¯ÎϤˤ¹¤ë »ÈÍѼԡÇs ¸«²ò¡Ê¤ò¤È¤ë¡Ë