8kSec Academy
Self-paced Course

Offensive Android Internals (On-demand)

In this unique course targeting the internals of Android, you'll get a tour of the key parts of the AOSP source tree, examine the boot sequence, IPC mechanisms, and explore ARM64 assembly. You'll develop skills in reverse-engineering Android specific security features and gain a deeper understanding of exploitation techniques, including both userland and kernel-level internals. Real-world case studies, and practical code walkthroughs will aid your learning across multiple device vendors.

This course is not an Appsec course, as it covers topics related to VR that is suitable for folks interested in learning more about the Android operating system internals, exploitation techniques etc.

If you are interested in an Appsec course, check out the Practical Mobile Application Exploitation course.
  • Level

    Beginner / Intermediate

  • Video

    16 hours - 98 videos

  • CERTIFICATION EXAM

    Included

A path to
CASR Certification

Key Objectives

  • Understand the Android System Architecture and AOSP source code
  • Learn about the Android Boot sequence, and Rooting processes
  • Learn about the Binder IPC on Android
  • Learn how to perform Crash Analysis on Android
  • Acquire skills in ARM Reverse Engineering
  • Get an understanding of latest ARM64 instruction set
  • Learn how to customize and build Android OS and Kernel for Vulnerability Research
  • Gain knowledge about Android Platform Permission, DAC, CAP, RKP, MTE, SELinux, and more
  • Reverse engineering Android binaries (Apps and system binaries)
  • Learn how to extract and decrypt boot images for Android devices
  • Get an introduction to memory allocation and Scudo allocator
  • Learn how to symbolicate the Android kernel
  • Learn about Privilege Escalation on Android
  • Learn using Case Study of Public Exploits
  • Become a Certified Android Security Researcher (CASR)

Who Should Attend?

This course is designed for vulnerability researchers, malware analysts, penetration testers, mobile developers, and anyone eager to learn more about the workings of Android devices and applications.

Prerequisites

To successfully participate in this course, attendees should possess the following:
  • Basic working knowledge of Android platform
  • Basic Linux skills and command-line proficiency
  • Understanding of fundamental programming concepts and looping structures in at least one higher-level language (Java, Kotlin, C, C++, or similar)
  • Basic ARM/AARCH64 binary assembly and exploitation knowledge is recommended, but not required

Duration

  • 365 days of access after purchase

Technical Requirements

  • Laptop with 8+ GB RAM and 40 GB hard disk space
  • Administrative access on the system
  • To complete the labs, a physical Android device with root access running Android 12.x or later, or access to a virtualized environment like Corellium or an emulator, is required.

Need To Justify To Your Manager?

Need a Template to Justify the Training Request to your Manager? Download the Template below.

Syllabus

Unlock Job Opportunities

Gain the in-demand skills to pursue career opportunities such as:

Specialist, Offensive Android Security*

A Tech Giant Company

$151,200 - $207,500 a year

Required Qualifications

- Bachelor's degree in Computer Science, Cybersecurity, or a related field, or equivalent combination of education training and experience
- Proficiency in tools for kernel debugging, fuzzing, and penetration testing
- Experience with reverse engineering tools (e.g., IDA Pro & Ghidra), debugging tools (e.g., JTAG/SWD)

Read more

Reverse Engineer - Android*

A Cybersecurity Firm

$90,000 - $120,000 a year

Required Qualifications

- Associate's, Bachelor's, or Master's degree in Computer Science or a related discipline (preferred)
- 3-5 years of hands-on experience with Android and reverse engineering
- In-depth understanding of Android internals and the ability to read, comprehend, and analyze source code software
- Familiarity with reverse engineering tools such as Jadx, Ghidra, Frida, IDA Pro, and Burp to perform binary and APK analysis

Read more

Android Mobile Reverse Engineer*

An IT Consulting Firm

$100,000 - $150,000 a year

Required Qualifications

- Proficiency in Android app development
- Expertise in reverse engineering tools
- Knowledge of Android internals
- Strong debugging and analysis skills
- Familiarity with encryption and obfuscation techniques
- Ability to work with disassemblers and debuggers

Desired Qualifications:
- Experience with Android emulator tools

Read more

*This is a compiled job description based on actual postings from LinkedIn and Indeed.

Included

CERTIFIED ANDROID SECURITY RESEARCHER (CASR)

This course is designed for vulnerability researchers, penetration testers, mobile developers, and anyone eager to understand the inner workings of the Android platform and applications. This course prepares you for the Certified Android Security Researcher (CASR) certification exam, a hands-on assessment specifically designed to test your grasp of advanced Android security domains including userland and kernel components.
Exam Duration : 24 hours

START LEARNING

Offensive Android Internals course

Early Bird Offer
  • Lecture recordings and self-assessments
  • Certification of course completion
  • Certified Android Security Researcher Exam
  • Post-training support
Enroll now and enjoy:
  • Early bird price (limited)
  • 365 days of access + 90 days early registration bonus access

Enroll a group

Get in touch for pricing
Includes everything from the individual rate, plus:
  • Special group pricing
  • Oversee and track the progress of group members

Enterprise

Get in touch for pricing
Includes everything from the group rate, with the ability to manage multiple seats and track student progress across all courses. Contact us with your preferred courses and number of students for a customized quote.

Offensive Android Internals course

On-demand
  • Immediate access to materials
  • Lecture recordings and self-assessments
  • 365 days of access
  • Certification of course completion
  • Certified Android Security Researcher Exam
  • Dedicated email support

Enroll a group

Get in touch for pricing
Includes everything from the individual rate, plus:
  • Special group pricing
  • Available add-ons to Oversee and track individual student progress for large groups

Enterprise

Get in touch for pricing
Includes everything from the group rate, with the ability to manage multiple seats and track student progress across all courses. Contact us with your preferred courses and number of students for a customized quote.

Created by

8kSec Academy

Our instructors are experts with over a decade of hands-on experience in mobile security, IoT exploitation, and vulnerability assessment. They've delivered numerous private trainings to high-profile clients and shared their knowledge at renowned conferences like BlackHat, Def Con, POC, TyphoonCon, Brucon, Hack in Paris, Phdays, Appsec USA, and more.

With thousands of students having completed our courses, our instructors continually refine their content based on real-world feedback. Whether through live sessions or our new on-demand courses, we ensure the same high-quality learning experience is accessible to professionals worldwide.