Upgrade to PRO for Only $50/Year—Limited-Time Offer! 🔥

FRAUG - Point sécu Android 2020

Avatar for Michaël Ohayon Michaël Ohayon
March 18, 2020
Technology
0
72

FRAUG - Point sécu Android 2020

Avatar for Michaël Ohayon

Michaël Ohayon

March 18, 2020
Tweet

More Decks by Michaël Ohayon

See All by Michaël Ohayon
Bringing your Flutter App to the Web
Avatar for Michaël Ohayon mikklfr
0
82
KED - Prompt Security
Avatar for Michaël Ohayon mikklfr
0
27
Sécuriser ses appels réseau Android, de 2009 à 2019
Avatar for Michaël Ohayon mikklfr
0
23
Android et qualité logicielle
Avatar for Michaël Ohayon mikklfr
0
25
Securing Network Calls on Android, from 2009 to 2019
Avatar for Michaël Ohayon mikklfr
0
110

Other Decks in Technology

See All in Technology
「図面」から「法則」へ 〜メタ視点で読み解く現代のソフトウェアアーキテクチャ〜
Avatar for Satoshi Kobayashi scova0731
0
500
AgentCore BrowserとClaude Codeスキルを活用した 『初手AI』を実現する業務自動化AIエージェント基盤
Avatar for Hirokatsu Endo ruzia
7
1.6k
ペアーズにおけるAIエージェント 基盤とText to SQLツールの紹介
Avatar for Hikaru Sasamoto hisamouna
2
1.7k
『君の名は』と聞く君の名は。 / Your name, you who asks for mine.
Avatar for NTT docomo Business nttcom
1
120
【開発を止めるな】機能追加と並行して進めるアーキテクチャ改善/Keep Shipping: Architecture Improvements Without Pausing Dev
Avatar for 株式会社ビットキー / Bitkey Inc. bitkey
PRO
1
130
AIエージェント開発と活用を加速するワークフロー自動生成への挑戦
Avatar for shibuiwilliam shibuiwilliam
5
860
たまに起きる外部サービスの障害に備えたり備えなかったりする話
Avatar for Sohei Iwahori egmc
0
410
Amazon Bedrock Knowledge Bases × メタデータ活用で実現する検証可能な RAG 設計
Avatar for Tomoaki tomoaki25
6
2.4k
M&Aで拡大し続けるGENDAのデータ活用を促すためのDatabricks権限管理 / AEON TECH HUB #22
Avatar for GENDA genda
0
240
2025-12-27 Claude CodeでPRレビュー対応を効率化する@機械学習社会実装勉強会第54回
Avatar for Naka Masato nakamasato
4
1.1k
AI駆動開発ライフサイクル(AI-DLC)の始め方
Avatar for ryansbcho79 ryansbcho79
0
190
New Relic 1 年生の振り返りと Cloud Cost Intelligence について #NRUG
Avatar for PLAY, inc. play_inc
0
240

Featured

See All Featured
The Limits of Empathy - UXLibs8
Avatar for Cassini Nazir cassininazir
1
190
Templates, Plugins, & Blocks: Oh My! Creating the theme that thinks of everything
Avatar for Michelle Schulp Hunt marktimemedia
31
2.6k
Chrome DevTools: State of the Union 2024 - Debugging React & Beyond
Avatar for Addy Osmani addyosmani
9
1k
Efficient Content Optimization with Google Search Console & Apps Script
Avatar for Katarina Dahlin katarinadahlin
PRO
0
250
So, you think you're a good person
Avatar for Per Axbom axbom
PRO
0
1.8k
How to optimise 3,500 product descriptions for ecommerce in one day using ChatGPT
Avatar for Katarina Dahlin katarinadahlin
PRO
0
3.4k
Balancing Empowerment & Direction
Avatar for Lara Hogan lara
5
820
Ecommerce SEO: The Keys for Success Now & Beyond - #SERPConf2024
Avatar for Aleyda Solis aleyda
1
1.7k
What Being in a Rock Band Can Teach Us About Real World SEO
Avatar for Ade Holder 427marketing
0
150
Facilitating Awesome Meetings
Avatar for Lara Hogan lara
57
6.7k
Visual Storytelling: How to be a Superhuman Communicator
Avatar for David Neal reverentgeek
2
400
The agentic SEO stack - context over prompts
Avatar for schlessera schlessera
0
560

Transcript

  1. Point sécu Android 2020 fenrir.pro

  2. AMSELLEM JÉRÉMIE Consultant / Formateur en sécurité informatique Freelance @Fenrir.pro

    @lp1eu fenrir.pro

  3. OHAYON MICHAËL Consultant / Manager chez Publicis Sapient Engineering @mikkL

    fenrir.pro

  4. "Tu peux jeter un oeil à mon téléphone ?" fenrir.pro

  5. fenrir.pro

  6. fenrir.pro

  7. Comment on en est arrivé la ? fenrir.pro

  8. Nos méthodes d'analyse fenrir.pro

  9. Setup Terminal Android fenrir.pro

  10. Android-x86 Genymotion BlueStacks [...] fenrir.pro 1. Émulateur

  11. Setup Analyse du trafic fenrir.pro

  12. Charles BurpSuite mitmproxy Fiddler [...] fenrir.pro 2. Proxy HTTP

  13. HTTP fenrir.pro

  14. HTTPS fenrir.pro

  15. Chiffrement Asymétrique fenrir.pro

  16. Chiffrement Symétrique fenrir.pro

  17. Handshake HTTPS fenrir.pro 1. Client HELLO 2. Server HELLO 3.

    Key Exchange

  18. Mais du coup comment il fait Charles (ou Burp/autres[...]) ?

    fenrir.pro

  19. Infrastructure à clé

  20. L'exemple du "debug"

  21. Abus de confiance

  22. Abus de confiance

  23. Démo fenrir.pro

  24. Setup Analyse Statique fenrir.pro

  25. apktool / jadx Apk Studio BytecodeViewer JEB Decompiler fenrir.pro

  26. Démo fenrir.pro

  27. Un standard ? fenrir.pro

  28. Ressources fenrir.pro

  29. None
  30. None
  31. None
  32. None
  33. None
  34. None

  35. Et donc au final ? fenrir.pro

  36. fenrir.pro Pubs in app

  37. fenrir.pro Stores

  38. Web fenrir.pro

  39. Stores alternatifs fenrir.pro

  40. Dans la presse fenrir.pro

  41. fenrir.pro

  42. fenrir.pro

  43. None

  44. Trojan-Dropper.AndroidOS.Shopper.a. fenrir.pro

  45. Android.Xiny.5261 fenrir.pro

  46. Du coup, on fait quoi ? fenrir.pro

  47. fenrir.pro

  48. Contre-mesures fenrir.pro

  49. Question time ! fenrir.pro