Android Security
Android Open Source Project (AOSP), https://source.android.com/source/
Codenames, Tags, and Build Numbers (代號、標籤和版本號)
Factory Images (出廠映像) for Nexus and Pixel Devices, https://developers.google.com/android/images
Full OTA Images for Nexus and Pixel Devices (完整的OTA映像)
Android 12.0.0 Release 1, https://android.googlesource.com/platform/frameworks/base/+/refs/tags/android-12.0.0_r1
Android 13, http://android.com/13/
Android 12, http://android.com/12/
Android 12L Developer Preview, https://developer.android.com/about/versions/12/12L
Android 11 Meetups 你問我答, 聚焦 Android 11: Android 開發者工具、聚焦 Android 11: 大功告成
Android 10, http://android.com/10/
Android 9 Pie, http://android.com/pie/, https://developer.android.google.cn/about/versions/pie/, https://www.phonearena.com/news/Android-P-review-new-features_id103054
Android 9 Pie 開發者手冊, https://dl.google.com/dl/developers/android/pie/Android-9-Pie-Handbook.pdf?hl=zh-cn
Android Code Search, https://cs.android.com
Android API Level, https://developer.android.com/guide/topics/manifest/uses-sdk-element
Android File Transfer, https://www.android.com/filetransfer/
Android Studio, https://developer.android.com/studio/ , https://developer.android.com/studio/intro/?hl=zh-cn
Android App Bundles (AAB), https://developer.android.com/guide/app-bundle , https://developer.android.com/platform/technology/app-bundle
Android Studio download archives, https://developer.android.com/studio/archive
Android Studio的應用程式除錯 (Debug your app)
Android Compatibility 相容性, https://source.android.com/compatibility/
AOSP Distribution 原始碼, https://android.googlesource.com
Android Brand Guidelines, https://source.android.com/setup/start/brands
Android 安全技術, https://source.android.com/security/
Android 安全性公告, https://source.android.com/security/bulletin/
Open Mobile Alliance (OMA) 開放移動聯盟, https://www.openmobilealliance.org/
Android Flash Tool, https://flash.android.com/
Android Pony EXpress (APEX), https://source.android.com/devices/tech/ota/apex
Introducing Android Q Beta (2019年3月13日), https://android-developers.googleblog.com/2019/03/introducing-android-q-beta.html
What's new in Android security (Google I/O '18), https://www.youtube.com/watch?v=r54roADX2MI
Android生態系統安全性, https://transparencyreport.google.com/android-security/overview
Sign your app, https://developer.android.com/studio/publish/app-signing
How to Update your Android Kernel to Latest Linux Stable? Which Android runs which Linux kernel?
Linux Kernel, https://www.kernel.org
Building Kernels (編譯內核), https://source.android.com/setup/build/building-kernels
美國FBI花費1.3百萬美金破解iPhone 5C (FBI paid more than $1.3 million to break into San Bernardino iPhone), 2016.
2017年3月維基解密(WikiLeaks):美國中央情報局(CIA)的駭客部門,https://wikileaks.org/ciav7p1/
個人電腦2022年銷售量(Gartner) 個人電腦2021年銷售量(Gartner) 個人電腦2020年銷售量(Gartner) 個人電腦2019年銷售量(Gartner) 個人電腦2018年銷售量(Gartner)
智慧型手機2022年銷售量(Gartner) 智慧型手機2021年銷售量(Gartner) 智慧型手機2020年銷售量(Gartner) 智慧型手機2019年銷售量(Gartner) 智慧型手機2019年銷售量(IDC) 智慧型手機2018年銷售量(Gartner) 智慧型手機2018年銷售量(IDC)
Mobile Fact Sheet, June 2019, https://www.pewresearch.org/internet/fact-sheet/mobile/
Made by Google 2018, https://www.youtube.com/watch?v=9wURy8AdsS4
Security-Enhanced Linux in Android (SEAndroid), https://source.android.com/security/selinux, https://selinuxproject.org/ , https://github.com/SELinuxProject
Vendor Native Development Kit (VNDK), https://source.android.com/devices/architecture/vndk
Trusty TEE (Trusted Execution Environment), https://www.op-tee.org, https://open-tee.github.io
Android Verified Boot, https://source.android.com/security/verifiedboot/
Android Partitions and Images (分區和映像), https://source.android.com/devices/bootloader/partitions-images
Android Scoped Storage (分區存儲), https://www.youtube.com/watch?v=UnJ3amzJM94
Android command line tools, https://developer.android.com/studio/command-line
adb, http://developer.android.com/tools/help/adb.html。 adb devices; adb shell service list; adb shell cat /proc/cpuinfo; adb shell pm list packages; adb shell dumpsys; adb logcat; adb pull [-p] [-a] <remote> [<local>]; adb backup [-f <file>] [-apk|-noapk] [-obb|-noobb] [-shared|-noshared] [-all] [-system|-nosystem] [<packages...>]
adb install -t test.apk, https://adbshell.com/commands/adb-install
Android Backup Extractor, http://sourceforge.net/projects/adbextractor/.
Flashing Devices, https://source.android.com/setup/build/running
Moving Fastboot to User Space, https://source.android.com/devices/bootloader/fastbootd
Flashing, Booting, and Updating, https://source.android.com/devices/bootloader/flashing-updating
A/B (Seamless) System Updates, https://source.android.com/devices/tech/ota/ab
Android Device Tree (DT), https://source.android.com/devices/architecture/dto
Treble, https://source.android.com/devices/architecture/treble
Android Direct Boot mode, https://developer.android.com/training/articles/direct-boot
Project Strobe, https://www.blog.google/technology/safety-security/project-strobe/
Project Mainline, https://android-developers.googleblog.com/2019/05/fresher-os-with-projects-treble-and-mainline.html
Android Pony EXpress (APEX), https://source.android.com/devices/tech/ota/apex
Android's shell and utilities, https://android.googlesource.com/platform/system/core/+/master/shell_and_utilities/README.md
Google 行動服務 (Google Mobile Services, GMS), https://en.wikipedia.org/wiki/Google_mobile_services
Android Profiler, Measure app performance with Android Profiler
Android system tracing, https://developer.android.com/topic/performance/tracing/
AndroidX, https://developer.android.google.cn/jetpack/androidx/
Compatibility Test Suite (CTS), https://source.android.com/compatibility/cts/
Vendor Native Development Kit (VNDK), https://source.android.com/devices/architecture/vndk/
SafetyNet, https://developer.android.com/training/safetynet/
Bypassing the lock screen, /data/system/password.key, /data/data/com.android.providers.settings/databases/settings.db, /data/system/locksettings.db, /data/system.lockscreen.db
Gatekeeper password, gatekeeper.pattern.key, gatekeeper.password.key
Mobiledit, https://www.mobiledit.com/downloads
nanddump, https://github.com/jakev/android-binaries/blob/master/nanddump
Magnet ACQUIRE, https://www.magnetforensics.com/resources/magnet-acquire/
Magnet AXIOM, https://www.magnetforensics.com/products/magnet-axiom/
LiME (Linux Memory Extractor), https://github.com/504ensicsLabs/LiME
Autopsy, https://www.autopsy.com/download/
The Sleuth Kit, https://www.sleuthkit.org
FTK Imager, https://accessdata.com/product-download
SQLite Deleted Records Parser, https://github.com/mdegrazia/SQLite-Deleted-Records-Parser
extundelete (recover deleted files from an ext4 partition), http://extundelete.sourceforge.net
SIFT Workstation, https://digital-forensics.sans.org/community/downloads
Epoch & Unix Timestamp Conversion Tools, https://www.epochconverter.com
TestDisk & PhotoRec, https://www.cgsecurity.org/wiki/TestDisk_Download
Installed apps: /data/system/packages.list, adb shell pm list packages -f
Wi-Fi connection data: /data/misc/wifi/wpa_supplicant.conf, /data/misc/wifi/WifiConfigStore.xml
Contacts/Calls: /data/data/com.android.providers.contacts
SMS/MMS: /data/user_de/0/com.android.providers.telephony
User dictionary: /data/data/com.android.providers.userdictionary
Gmail: /data/data/com.google.android.gm
Google Maps: /data/data/com.google.android.apps.maps
file signatures, https://www.garykessler.net/library/file_sigs.html
Julian Date, https://www.aavso.org/jd-calculator
Linux File Systems for Windows, https://www.paragon-drivers.com/en/lfswin/
Android malware identification, https://www.virustotal.com/
VirusTotal Desktop Apps, https://support.virustotal.com/hc/en-us/articles/115002179065-Desktop-Apps
YARA, https://yara.readthedocs.io/en/v3.8.1/ , https://github.com/virustotal/yara/releases/
Forensic tools by Eric Zimmerman, https://ericzimmerman.github.io/#!index.md
Joe Sandbox, https://www.joesandbox.com/#android
axmldec (an Android binary XML decoder), https://github.com/ytsutano/axmldec/releases
Android Cryptographic Primitives
Android 密碼學算法, https://developer.android.com/guide/topics/security/cryptography
Adiantum encryption, https://source.android.com/security/encryption/adiantum
Sony AOSP
Sony Xperia Open Devices, https://developer.sony.com/develop/open-devices/
Sony Xperia AOSP build instructions, https://developer.sony.com/develop/open-devices/guides/aosp-build-instructions/
Sony Xperia GitHub project, https://github.com/sonyxperiadev/
Android OS
Android Open Kang Project (AOKP), http://aokp.co
LineageOS, https://lineageos.org
CyanogenMod (CM), http://www.cyanogenmod.org.ru
ClockworkMod (CWM), https://www.clockworkmod.com
OmniROM, https://www.omnirom.org
Linaro Android, https://wiki.linaro.org/Platform/Android, https://www.linaro.org
CopperheadOS, https://copperhead.co/android/
Fuchsia OS 開發者網站, https://fuchsia.dev
App線上檢測, VirusTotal, https://www.virustotal.com/
Android Security Architecture (by Nikolay Elenkov) 2015, https://www.youtube.com/watch?v=3asW-nBU-JU
An introduction to Android application security testing (by Nikolay Elenkov) 2017, https://www.youtube.com/watch?v=hRuNHUwiQJA
Course: Android Internals and Security, by Prof. Prabhaker Mateti, Wright State University
Karim Yaghmour, Embedded Android - Working with the AOSP, https://www.youtube.com/watch?v=LimC0XpeT0k
Secure an Android Device, https://source.android.com/security?hl=en
Android Security & Privacy 2018 Year In Review, https://www.youtube.com/watch?v=6Ct1RBFjwI0
Android Security 2017 Year in Review, What's New in Android Security (Google I/O '17)
Android Security 2016 Year In Review, https://www.youtube.com/watch?v=QJXsurYoJ10
Android boot animation開機動畫的格式(bootanimation format), https://android.googlesource.com/platform/frameworks/base/+/master/cmds/bootanimation/FORMAT.md
Nexus 6P (Android 8)的開機動畫, /system/media/bootanimation.zip
Pixel 2 (Android 10)的開機動畫, /product/media/bootanimation.zip
Best Wireshark Alternatives for Android (September 2019)
Android software
Team Win Recovery Project (TWRP), https://twrp.me/ , https://github.com/omnirom/android_bootable_recovery/
Magisk, https://github.com/topjohnwu/Magisk , https://www.didgeridoohan.com/magisk/ , https://magiskmanager.com
SuperSU, https://supersuroot.org
BusyBox, https://git.busybox.net/ , https://github.com/topjohnwu/ndk-busybox
Alpine Term (Alpine Linux Terminal), https://github.com/xeffyr/alpine-term/
Helium, https://github.com/koush/support-wiki/wiki/Helium-Desktop-Installer-and-Android-App
dex2jar, https://github.com/pxb1988/dex2jar
JD-GUI, http://java-decompiler.github.io
zipalign, https://developer.android.com/studio/command-line/zipalign
F-Droid, https://f-droid.org/
Android RAT, (AndroRAT) https://github.com/DesignativeDave/androrat , https://github.com/karma9874/AndroRAT, (Arbitrium-RAT) https://github.com/BenChaliah/Arbitrium-RAT, (TheFatRat) https://github.com/Screetsec/TheFatRat , (AhMyth) https://github.com/AhMyth/AhMyth-Android-RAT
Xposed, http://repo.xposed.info , https://github.com/rovo89/Xposed/, https://github.com/rovo89/XposedInstaller , https://forum.xda-developers.com/xposed
AFLogical OSE (Android Forensics), https://github.com/nowsecure/android-forensics
androidqf (Android Quick Forensics), https://github.com/botherder/androidqf
Mobile Verification Toolkit (MVT), https://github.com/mvt-project/mvt
OpenKeychain, https://github.com/open-keychain/open-keychain
Kali Linux for Android Mobile Devices, https://www.offensive-security.com/kali-linux-nethunter-download/ , https://github.com/offensive-security/kali-nethunter/wiki
Android-PIN-Bruteforce, https://github.com/urbanadventurer/Android-PIN-Bruteforce
Mobile Security Framework (MobSF), https://github.com/MobSF/Mobile-Security-Framework-MobSF
Andrax, https://andrax-pentest.org
zANTI, https://www.zimperium.com/zanti-mobile-penetration-testing
cSploit, http://www.csploit.org
Metasploit, https://www.metasploit.com
UserLAnd (Use Linux Anywhere), https://github.com/CypherpunkArmory/UserLAnd
Maplesyrup, https://github.com/nsacyber/maplesyrup
Tor on Android, https://www.torproject.org/docs/android.html.en
Joshua J. Drake, “Researching Android Device Security with the Help of a Droid Army,” Black Hat USA 2014. https://www.youtube.com/watch?v=dIYeNgU5EAg
NIST SP 800-124, Guidelines for Managing the Security of Mobile Devices in the Enterprise, Revision 2, March 2020.
Open source software by the NSA, https://code.nsa.gov
Fastboot error when flasing rom 'FAILED remote unknown command'
Android SDK Platform Tools, https://developer.android.com/studio/releases/platform-tools