Build a Strong Foundation
Learn the key Android security topics you’ll need for engagements and bug bounties.
Learn by Doing
Practice on provided APKs and source code. Analyze, exploit, and validate real issues.
No Fluff, Maximum Focus
More than 6 hours of structured lessons. Each module offers real value, with no fluff.
From Concept to Practice
Each lesson combines clear theory with hands-on labs and demos. This way, you can apply your skills right away.
Learn from Experience
Learn from years of real security testing. This helps you dodge common mistakes and grow quicker.
7-Day Refund Guarantee
Full refund within 7 days if you’ve accessed less than 10% of the course content.
About the Course
Looking to level up your Android pentesting or bug bounty skills? Android App Hacking Mastery is a hands-on, structured course designed for security professionals and aspiring bug bounty hunters. You’ll analyse realistic demo apps, uncover vulnerabilities, and create working proofs of concept, using techniques applied by experts in bug bounty programs and professional security testing. By the end of the course, you’ll have the practical expertise and confidence to discover, analyse, and exploit Android app security flaws, giving you the skills to excel in bug bounty programs or professional penetration testing.
Curriculum
-
1
Introduction to Android App Security
- Welcome & Course Overview Free preview
-
(Included in full purchase)
Android Lab Setup
-
(Included in full purchase)
Other Tools and Project Files
-
(Included in full purchase)
Quiz 1: Introduction Quiz
-
2
Android Security Essentials
-
(Included in full purchase)
Android Architecture
-
(Included in full purchase)
Android Components
-
(Included in full purchase)
Android Manifest
-
(Included in full purchase)
Intents
-
(Included in full purchase)
Quiz 2: Android Security Essentials
-
(Included in full purchase)
Files, Directories and User Permissions
-
(Included in full purchase)
Common Linking Mechanism
-
(Included in full purchase)
Attack Vectors
-
(Included in full purchase)
Creating Proof of Concepts
-
(Included in full purchase)
Quiz 3: Android Security Essentials
-
(Included in full purchase)
-
3
Components Exploitation
-
(Included in full purchase)
Insecure Data Storage
-
(Included in full purchase)
Insecure Permissions
-
(Included in full purchase)
Accessing Protected Components
-
(Included in full purchase)
Hijacking Implicit Intents (Broadcast Receiver)
-
(Included in full purchase)
Hijacking Implicit Intents (Activities)
-
(Included in full purchase)
Quiz 4: Components Exploitation
-
(Included in full purchase)
Pending Intents
-
(Included in full purchase)
Hijacking Pending Intents
-
(Included in full purchase)
Exploiting Deep Links
-
(Included in full purchase)
Exploiting Zip Slip
-
(Included in full purchase)
Quiz 5: Components Exploitation
-
(Included in full purchase)
-
4
WebView Exploitation
-
(Included in full purchase)
WebView Basics and Attack Surface
-
(Included in full purchase)
Stealing Files via File URLs
-
(Included in full purchase)
Exploiting JavaScript Interfaces
-
(Included in full purchase)
Quiz 6: WebView Quiz
-
(Included in full purchase)
Universal Cross Site Scripting
-
(Included in full purchase)
Cookie Tainting Exploit
-
(Included in full purchase)
Abusing Unsafe Internal URL Handling
-
(Included in full purchase)
Quiz 7: WebView Quiz
-
(Included in full purchase)
-
5
Network Exploitation
-
(Included in full purchase)
Installing Burp CA Certificates - Android 8-9
-
(Included in full purchase)
Installing Burp CA Certificates - Android 10+
-
(Included in full purchase)
Network Environment Setup
-
(Included in full purchase)
Same WIFI Network Setup
-
(Included in full purchase)
Hotspot Network Setup
-
(Included in full purchase)
ProxyDroid and Network Setup Recap
-
(Included in full purchase)
Quiz 8: Network Exploitation
-
(Included in full purchase)
Certificate Validation Flaws
-
(Included in full purchase)
Certificate Validation Flaws (Demo)
-
(Included in full purchase)
Network Security Config XML
-
(Included in full purchase)
Bypassing SSL Pinning
-
(Included in full purchase)
SSL Pinning Bypass with Automated Tools
-
(Included in full purchase)
Bypassing SSL Pinning in Android Native Libraries
-
(Included in full purchase)
Quiz 9: Network Exploitation
-
(Included in full purchase)
-
6
Reverse Engineering and Runtime Analysis
- Frida Essential Free preview
-
(Included in full purchase)
Hooking Methods with Frida
-
(Included in full purchase)
Exposing Hidden Methods with Frida
-
(Included in full purchase)
Hooking Native Code with Frida
-
(Included in full purchase)
[BONUS] AI-Assisted Android Reverse Engineering (Coming)
-
(Included in full purchase)
Quiz 6: Reverse Engineering
-
7
Course Wrap Up
-
(Included in full purchase)
Wrap Up and Next Steps
-
(Included in full purchase)
Course Feedback & Learning Experience Survey
-
(Included in full purchase)
Student Testimonials
Real feedback from students learning Android app hacking
Compared to web security, resources on vulnerability discovery for Android apps have historically been scattered, and courses are relatively scarce. Richard's course fills this gap. I believe it is the most systematic and comprehensive course on Android app security I’ve seen online, covering the latest trends in vulnerability discovery. With the course and its lab exercises, learners can gain strong practical skills in identifying and exploiting Android app vulnerabilities.
Android Security Researcher
This course was a great introduction to hacking Android apps. I like the technical foundation it starts with, which was a good refresher (or a great intro if you are brand new). It then quickly moved into practical techniques - well laid out, clearly explained, and really easy to follow along with the combo of video and text instructions. Really nice way to get moving quickly with mobile app exploitation.
Red Team Leader
As someone relatively new to Android security but experienced in web testing, I've gained a ton of value from this course... and I'm only halfway through!
Security Consultant
Compared to web security, resources on vulnerability discovery for Android apps have historically been scattered, and courses are relatively scarce. Richard's course fills this gap. I believe it is the most systematic and comprehensive course on Android app security I’ve seen online, covering the latest trends in vulnerability discovery. With the course and its lab exercises, learners can gain strong practical skills in identifying and exploiting Android app vulnerabilities.
Android Security Researcher
As someone relatively new to Android security but experienced in web testing, I've gained a ton of value from this course... and I'm only halfway through!
Security Consultant
This course was a great introduction to hacking Android apps. I like the technical foundation it starts with, which was a good refresher (or a great intro if you are brand new). It then quickly moved into practical techniques - well laid out, clearly explained, and really easy to follow along with the combo of video and text instructions. Really nice way to get moving quickly with mobile app exploitation.
Red Team Leader
Meet Your Instructor
Richard (aka sambal0x) has spent over 8 years hunting bugs and vulnerabilities as a professional pentester and even made it onto the Google Play Security Reward Program top contributors list. Passionate about Android security, he helps students gain the skills, techniques, and confidence to explore apps, find vulnerabilities, and understand real-world exploitation.
Ready to Master Android App Hacking?
Take the next step to enhance your skills and secure your future in app security.
$149.00