Security Analysis on Android Application Through Penetration Testing using Reverse Engineering

Abstract

Every person is using smartphones these days, and most of the users are Android users, with this Android applications are running on a huge scale. In the final quarter of 2022, Android is considered as the market leader among other mobile operating systems, holding a market share of over 71.8 percent, which leads to the mass development of Android applications and also leads to a problem where some applications are developed by young developers without considering the security factor and are easily downloadable from Google Play Store and open source. Since Android is open source and allows developers to create applications without restriction, some inexperienced developers create numerous apps without being aware of the most recent Android security challenges. As a result, these apps have an open attack surface that hackers can use to steal user data. Installing such apps can put other secure apps and system in danger, and once a bad app is installed, it will have an impact on the entire system. The goal of this research is to identify vulnerabilities in Android applications and the techniques used to find and inspect vulnerabilities. Penetration testing identifies security flaws and aids in network security. This paper will help future authors to understand several elements of penetration testing, including tools, attack methodologies and defence strategies. More particularly, this study has performed reverse engineering by performing penetration tests using a private network, devices and tools. The results are then summarised and discussed. This study also described about the specific procedures and techniques used to carry out these attacks.