This training is deprecated. Cyfinoid is keeping this page online as an archive so previous attendees, conference visitors, and people researching the class can still find it, but we do not currently offer new public or private deliveries of this course.
Attack & Defend Android Applications was a hands-on training focused on both attacking and defending the Android application ecosystem. It was designed for people who needed a practical, methodical way to assess Android apps across common attack paths, implementation weaknesses, and defensive controls.
The course combined offensive and defensive perspectives rather than treating Android application security as a narrow reverse-engineering exercise. It covered how Android apps are attacked in practice, how security engineers and pentesters can assess them systematically, and how development teams can strengthen their applications and supporting pipelines.
Training Status
- Deprecated / archived course
- No future public sessions are planned
- Not currently available as a private / corporate workshop
- This page is retained for reference, discoverability, and past attendee context
Archived Overview
This training covered the Android application ecosystem across both attack and defense. The goal was not to turn beginners into instant experts, but to give participants a repeatable assessment methodology they could apply to real Android applications.
Participants worked through common Android testing and security engineering tasks such as:
- Traffic interception across HTTP, HTTPS, WebSocket, and related protocols
- Root detection bypass
- Static and dynamic analysis
- Dynamic instrumentation with tools such as Frida and Magisk
- Assessment of non-Java / Kotlin mobile apps such as React Native and Flutter
The defensive side of the course focused on helping teams improve Android application security through:
- Application threat modeling
- Identification of security weaknesses
- Adding security into CI / CD pipelines
- Reviewing and prioritizing security findings
- Improving visibility into third-party components and supply chain risks
Archived Syllabus
Basics
- Understanding Android OS architecture
- Android permission model
- Inter-process communication
- Intents, binders, and deep linking
- Application structure
Attack
- Attack surface mapping
- MITRE ATT&CK and OWASP MSTG
- Traffic interception
- Root detection bypass
- Deobfuscating application code
- Dynamic instrumentation
- Static and dynamic analysis
- Hybrid app assessment including React Native, Flutter, and .NET-based apps
Defend
- Threat modeling
- OWASP MASVS
- Defense strategies
- CI / CD pipeline security for applications
- Static analysis with Semgrep
- Dynamic analysis
- Third-party library tracking
- Supply chain security considerations
Who This Training Was For
- Application security engineers
- Penetration testers
- Mobile security practitioners
- Engineering teams responsible for Android application security
Student Requirements
- Basic familiarity with software development and application security concepts
- Comfort with hands-on testing workflows
- Prior Android security experience was helpful, but the course was intended to be methodical rather than assumption-heavy
What Students Received
- Access to the learning portal and cloud lab environments
- Slide deck for the material covered during the class
- Detailed answer sheets and supporting material for continued practice
Looking For Current Trainings
Cyfinoid no longer offers this Android training. If you are looking for currently active trainings or related private engagements, please visit the current Cyfinoid trainings pages or contact us.



