Introduction
So far, we've covered some of the basic development and security assessment tools, and we even covered some examples of extending and customizing these tools. This chapter will focus on the use of these tools to analyze the Android applications to identify vulnerabilities and develop exploits for them. Although, given the arbitrary nature of application functionality and the almost limitless creativity Android application developers can exercise, it's not hard to see that assessing the security of Android applications must be considered an art. What this means for you as a security auditor, analyst, consultant, or hobbyist is that you can be sure that there will never be a fully autonomous method to analyze the security of the Android application. Almost always, you'd need to rely on your creativity and analysis to deliver a concrete assessment of an Android application's security.
Before we start banging away at some apps, it's important to frame the...
