Project 3x: Security Audit of Another Android App (20 pts. extra credit)
What You Need for This Project
- The Android security auditing environment you prepared
in project 1x, including Genymotion, Burp, and the
Google Play Store
Choose any App you like. Perform these
four tests, and capture
- Network communications
- File storage
- RAM contents
Write a few sentences, summarizing your results, like
Security Analysis of NFL App
Summary: No security problems were found.
A: Network communications used HTTPS for
all sensitive data.
B: File storage was in an appropriate location,
and did not contain any sensitive data.
C: Logs did not disclose secrets.
D: RAM did not contain secrets.
The four images alone are worth 15 points.
The Security Analysys is worth 5 points.
Turning in your Project
Email the images and the Security Analysis to
to firstname.lastname@example.org with the subject line:
Proj 3x from YOUR NAME
Last modified 1-29-15 8:20 pm