Android Security

  1. ,Android Open Source Project (AOSP), https://source.android.com/source/

  2. Android Code Search, https://cs.android.com

  3. Android 开源项目简介

  4. Android主要版本與使用分佈

  5. Codenames, Tags, and Build Numbers (代號、標籤和版本號)

  6. Android API Level, https://developer.android.com/guide/topics/manifest/uses-sdk-element

  7. Factory Images (出廠映像) for Nexus and Pixel Devices, https://developers.google.com/android/images

  8. Full OTA Images for Nexus and Pixel Devices (完整的OTA映像)

  9. Driver Binaries for Nexus and Pixel Devices (驅動程序)

  10. Android File Transfer, https://www.android.com/filetransfer/

  11. Android Studio, https://developer.android.com/studio/ , https://developer.android.com/studio/intro/?hl=zh-cn

  12. Android Studio download archives, https://developer.android.com/studio/archive

  13. Android Studio的應用程式除錯(Debug your app)

  14. Android NDK (Native Development Kit 原生開發工具包), https://developer.android.com/ndk/ , https://developer.android.com/ndk/guides/?hl=zh-cn

  15. Android Compatibility 相容性, https://source.android.com/compatibility/

  16. AOSP Distribution 原始碼, https://android.googlesource.com

  17. Android Brand Guidelines, https://source.android.com/setup/start/brands

  18. Android 安全技術, https://source.android.com/security/

  19. Android 安全性公告, https://source.android.com/security/bulletin/

  20. Open Mobile Alliance (OMA) 開放移動聯盟, https://www.openmobilealliance.org/

  21. Pixel手機取得Android更新

  22. Android Flash Tool, https://flash.android.com/

  23. Android 11 測試版

  24. Android 11 Meetups 你問我答聚焦 Android 11: Android 開發者工具聚焦 Android 11: 大功告成

  25. Android 11 的消息通知

  26. Android 10, http://android.com/10/

  27. Android 10 新特性

  28. Android 9 Pie, http://android.com/pie/, https://developer.android.google.cn/about/versions/pie/, https://www.phonearena.com/news/Android-P-review-new-features_id103054

  29. Android 9 Pie 開發者手冊, https://dl.google.com/dl/developers/android/pie/Android-9-Pie-Handbook.pdf?hl=zh-cn

  30. Android 9 Preview, https://developer.android.com/preview/

  31. Introducing Android Q Beta (2019年3月13日), https://android-developers.googleblog.com/2019/03/introducing-android-q-beta.html

  32. What's new in Android security (Google I/O '18), https://www.youtube.com/watch?v=r54roADX2MI

  33. Android生態系統安全性, https://transparencyreport.google.com/android-security/overview

  34. Sign your app, https://developer.android.com/studio/publish/app-signing

  35. Android Pie 引入 Keystore 新特性

  36. Android密鑰庫系統 (Android keystore system)

  37. How to Update your Android Kernel to Latest Linux Stable? Which Android runs which Linux kernel?

  38. Building Kernels (編譯內核), https://source.android.com/setup/build/building-kernels

  39. 美國FBI花費1.3百萬美金破解iPhone 5C (FBI paid more than $1.3 million to break into San Bernardino iPhone), 2016.

  40. 2017年3月維基解密(WikiLeaks):美國中央情報局(CIA)的駭客部門,https://wikileaks.org/ciav7p1/

  41. 個人電腦2019年銷售量(Gartner) 個人電腦2018年銷售量(Gartner)

  42. 智慧型手機2019年銷售量(Gartner) 智慧型手機2019年銷售量(IDC) 智慧型手機2018年銷售量(Gartner) 智慧型手機2018年銷售量(IDC)

  43. Made by Google 2018, https://www.youtube.com/watch?v=9wURy8AdsS4

  44. Security-Enhanced Linux in Android (SEAndroid), https://source.android.com/security/selinux, https://selinuxproject.org/ , https://github.com/SELinuxProject

  45. Trusty TEE (Trusted Execution Environment), https://www.op-tee.org, https://open-tee.github.io

  46. Android Verified Boot, https://source.android.com/security/verifiedboot/

  47. Android Verified Boot (AVB) 2.0

  48. Android Partitions and Images (分區和映像), https://source.android.com/devices/bootloader/partitions-images

  49. Android Scoped Storage (分區存儲), https://www.youtube.com/watch?v=UnJ3amzJM94

  50. Android command line tools, https://developer.android.com/studio/command-line

  51. adb, http://developer.android.com/tools/help/adb.html。 adb devices; adb shell service list; adb shell cat /proc/cpuinfo; adb shell pm list packages; adb shell dumpsys; adb logcat; adb pull [-p] [-a] <remote> [<local>]; adb backup [-f <file>] [-apk|-noapk] [-obb|-noobb] [-shared|-noshared] [-all] [-system|-nosystem] [<packages...>]

  52. Android Backup Extractor, http://sourceforge.net/projects/adbextractor/.

  53. Flashing Devices, https://source.android.com/setup/build/running

  54. Moving Fastboot to User Space, https://source.android.com/devices/bootloader/fastbootd

  55. Flashing, Booting, and Updating, https://source.android.com/devices/bootloader/flashing-updating

  56. Android Device Mirroring: Vysor, Mobizen

  57. A/B (Seamless) System Updates, https://source.android.com/devices/tech/ota/ab

  58. Android Device Tree (DT), https://source.android.com/devices/architecture/dto

  59. Treble, https://source.android.com/devices/architecture/treble

  60. Android Direct Boot mode, https://developer.android.com/training/articles/direct-boot

  61. Project Strobe, https://www.blog.google/technology/safety-security/project-strobe/

  62. Project Mainline, https://android-developers.googleblog.com/2019/05/fresher-os-with-projects-treble-and-mainline.html

  63. Android Pony EXpress (APEX), https://source.android.com/devices/tech/ota/apex

  64. 常規系統映像 (Generic System Image, GSI)

  65. Android's shell and utilities, https://android.googlesource.com/platform/system/core/+/master/shell_and_utilities/README.md

  66. Google 行動服務 (Google Mobile Services, GMS), https://en.wikipedia.org/wiki/Google_mobile_services

  67. Application Binary Interface (ABI, 應用二進制界面), https://developer.android.com/ndk/guides/abis

  68. Android Profiler, Measure app performance with Android Profiler

  69. Android system tracing, https://developer.android.com/topic/performance/tracing/

  70. 基於安卓設備的Hacking

  71. PureOS, https://puri.sm/products/librem-5/pureos-mobile/

  72. Fuchsia OS 開發者網站, https://fuchsia.dev

  73. AndroidX, https://developer.android.google.cn/jetpack/androidx/

  74. Compatibility Test Suite (CTS), https://source.android.com/compatibility/cts/

  75. Vendor Native Development Kit (VNDK), https://source.android.com/devices/architecture/vndk/

  76. SafetyNet, https://developer.android.com/training/safetynet/

  77. XDA, https://www.xda-developers.com/

  78. Team Win Recovery Project (TWRP), https://twrp.me/ , https://github.com/omnirom/android_bootable_recovery/

  79. ClockworkMod (CWM), https://www.clockworkmod.com

  80. SuperSU, http://www.supersu.com

  81. Magisk, https://www.didgeridoohan.com/magisk/ , https://magiskmanager.com

  82. BusyBox, https://git.busybox.net/ , https://github.com/topjohnwu/ndk-busybox

  83. netcat, https://github.com/MobileForensicsResearch/netcat

  84. Alpine Term (Alpine Linux Terminal), https://github.com/xeffyr/alpine-term/

  85. Termux, https://github.com/termux/termux-app

  86. Helium, https://github.com/koush/support-wiki/wiki/Helium-Desktop-Installer-and-Android-App

  87. Bypassing the lock screen, /data/system/password.key, /data/data/com.android.providers.settings/databases/settings.db, /data/system/locksettings.db, /data/system.lockscreen.db

  88. Gatekeeper password, gatekeeper.pattern.key, gatekeeper.password.key

  89. Mobiledit, https://www.mobiledit.com/downloads

  90. nanddump, https://github.com/jakev/android-binaries/blob/master/nanddump

  91. Magnet ACQUIRE, https://www.magnetforensics.com/resources/magnet-acquire/

  92. Magnet AXIOM, https://www.magnetforensics.com/products/magnet-axiom/

  93. LiME (Linux Memory Extractor), https://github.com/504ensicsLabs/LiME

  94. Autopsy, https://www.autopsy.com/download/

  95. The Sleuth Kit, https://www.sleuthkit.org

  96. FTK Imager, https://accessdata.com/product-download

  97. SQLite Deleted Records Parser, https://github.com/mdegrazia/SQLite-Deleted-Records-Parser

  98. extundelete (recover deleted files from an ext4 partition), http://extundelete.sourceforge.net

  99. SIFT Workstation, https://digital-forensics.sans.org/community/downloads

  100. Epoch & Unix Timestamp Conversion Tools, https://www.epochconverter.com

  101. DCode, https://www.digital-detective.net/dcode/

  102. TestDisk & PhotoRec, https://www.cgsecurity.org/wiki/TestDisk_Download

  103. Installed apps: /data/system/packages.list, adb shell pm list packages -f

  104. Wi-Fi connection data: /data/misc/wifi/wpa_supplicant.conf, /data/misc/wifi/WifiConfigStore.xml

  105. Contacts/Calls: /data/data/com.android.providers.contacts

  106. SMS/MMS: /data/user_de/0/com.android.providers.telephony

  107. User dictionary: /data/data/com.android.providers.userdictionary

  108. Gmail: /data/data/com.google.android.gm

  109. Google Maps: /data/data/com.google.android.apps.maps

  110. file signatures, https://www.garykessler.net/library/file_sigs.html

  111. Julian Date, https://www.aavso.org/jd-calculator

  112. Linux File Systems for Windows, https://www.paragon-drivers.com/en/lfswin/

  113. Android malware identification, https://www.virustotal.com/

  114. VirusTotal Desktop Apps, https://support.virustotal.com/hc/en-us/articles/115002179065-Desktop-Apps

  115. YARA, https://yara.readthedocs.io/en/v3.8.1/ , https://github.com/virustotal/yara/releases/

  116. Forensic tools by Eric Zimmerman, https://ericzimmerman.github.io/#!index.md

  117. Joe Sandbox, https://www.joesandbox.com/#android

  118. axmldec (an Android binary XML decoder), https://github.com/ytsutano/axmldec/releases

  119. dex2jar, https://github.com/pxb1988/dex2jar

  120. JD-GUI, http://java-decompiler.github.io

  121. dsixda, https://github.com/dsixda/Android-Kitchen

  122. zipalign, https://developer.android.com/studio/command-line/zipalign

  123. LLVM Compiler Infrastructure, https://llvm.org

  124. Xposed, http://repo.xposed.info , https://github.com/rovo89/Xposed/, https://github.com/rovo89/XposedInstaller , https://forum.xda-developers.com/xposed,

  125. Frida, https://github.com/frida/frida/

  126. F-Droid, https://f-droid.org/

  127. Android Cryptographic Primitives

  128. Android 密碼學算法, https://developer.android.com/guide/topics/security/cryptography

  129. Android 密碼學算法原始碼

  130. Full-Disk Encryption (FDE)

  131. File-Based Encryption (FBE)

  132. Adiantum encryption, https://source.android.com/security/encryption/adiantum

  133. Sony Xperia Open Devices, https://developer.sony.com/develop/open-devices/

  134. Sony Xperia AOSP build instructions, https://developer.sony.com/develop/open-devices/guides/aosp-build-instructions/

  135. Sony Xperia GitHub project, https://github.com/sonyxperiadev/

  136. Android Open Kang Project (AOKP), http://aokp.co

  137. LineageOS, https://lineageos.org

  138. CyanogenMod (CM), http://www.cyanogenmod.org.ru

  139. 魔趣, http://www.mokeedev.com

  140. OmniROM, https://www.omnirom.org

  141. Linaro Android, https://wiki.linaro.org/Platform/Android, https://www.linaro.org

  142. DroniX, https://www.facebook.com/DroniX-155167021211383/

  143. CopperheadOS, https://copperhead.co/android/

  144. Tor on Android, https://www.torproject.org/docs/android.html.en

  145. App線上檢測, VirusTotal, https://www.virustotal.com/

  146. Nikolay Elenkov | Twitter

  147. Android Security Architecture (by Nikolay Elenkov) 2015, https://www.youtube.com/watch?v=3asW-nBU-JU

  148. An introduction to Android application security testing (by Nikolay Elenkov) 2017, https://www.youtube.com/watch?v=hRuNHUwiQJA

  149. AndroidSecurity|Twitter

  150. Course: Android Internals and Security, by Prof. Prabhaker Mateti, Wright State University

  151. Karim Yaghmour, Embedded Android - Working with the AOSP, https://www.youtube.com/watch?v=LimC0XpeT0k

  152. Android Security & Privacy 2018 Year In Review, https://www.youtube.com/watch?v=6Ct1RBFjwI0

  153. Android Security 2017 Year in Review, What's New in Android Security (Google I/O '17)

  154. Android Security 2016 Year In Review, https://www.youtube.com/watch?v=QJXsurYoJ10

  155. Android boot animation開機動畫的格式(bootanimation format), https://android.googlesource.com/platform/frameworks/base/+/master/cmds/bootanimation/FORMAT.md

  156. Nexus 6P (Android 8)的開機動畫, /system/media/bootanimation.zip

  157. Pixel 2 (Android 10)的開機動畫, /product/media/bootanimation.zip

  158. AndroRat, https://github.com/DesignativeDave/androrat

  159. AFLogical OSE (Android Forensics), https://github.com/nowsecure/android-forensics

  160. OpenKeychain, https://github.com/open-keychain/open-keychain

  161. Kali Linux for Android Mobile Devices, https://www.offensive-security.com/kali-linux-nethunter-download/ , https://github.com/offensive-security/kali-nethunter/wiki

  162. Best Wireshark Alternatives for Android (September 2019)

  163. Mobile Security Framework (MobSF), https://github.com/MobSF/Mobile-Security-Framework-MobSF

  164. Andrax, https://andrax-pentest.org,

  165. TheFatRat, https://github.com/Screetsec/TheFatRat

  166. Haven, https://github.com/guardianproject/haven

  167. zANTI, https://www.zimperium.com/zanti-mobile-penetration-testing

  168. cSploit, http://www.csploit.org

  169. Metasploit, https://www.metasploit.com

  170. UserLAnd (Use Linux Anywhere), https://github.com/CypherpunkArmory/UserLAnd

  171. Joshua J. Drake, “Researching Android Device Security with the Help of a Droid Army,” Black Hat USA 2014. https://www.youtube.com/watch?v=dIYeNgU5EAg

  172. Maplesyrup, https://github.com/nsacyber/maplesyrup

  173. Open source software by the NSA, https://code.nsa.gov

  174. Fastboot error when flasing rom 'FAILED remote unknown command'

  175. Android SDK Platform Tools, https://developer.android.com/studio/releases/platform-tools

  176. SDK Platform Tools r27.0.0 for Mac

  177. --------------------------------------------------------------------------------------

  178. Android手機的組合語言(汇编语言)部分原始碼,platform/external/boringssl - android Git repositories

  179. Android手機使用的BoringSSL組合語言AES程式,https://boringssl.googlesource.com/boringssl/+/3e6526575ac2349a44a04a0bbc7acb917fab5a0b/crypto/aes/asm

  180. BoringSSL, https://boringssl.googlesource.com/boringssl/

  181. ARM Assembly for Embedded Applications, http://www.cse.scu.edu/~dlewis/book3/

  182. ARM架構, ARM architecture, ARM Processors and Architectures

  183. ARM Development Boards

  184. Arm Processors for the Widest Range of Devices

  185. Supercomputer Fugaku (富岳), 採用ARM version 8.2A 處理器

  186. Android逆向入門

  187. APK加固之靜態脫殼機編寫入門

  188. 如何在Android中使用匯編語言

  189. 基于Android的ARM汇编语言系列

  190. IAR Embedded Workbench

  191. Code Composer Studio (CCS), Texas Instruments Incorporated.

  192. MDK Microcontroller Development Kit, MDK5 Device List, https://www.keil.com/dd2/

  193. MDK Version 5 - Online Manuals, http://www2.keil.com/mdk5/docs

  194. MDK Version 5 - Example Projects, http://www2.keil.com/mdk5/examples

  195. ARM Assembler User Guide, http://www.keil.com/support/man/docs/armasm/

  196. ARM/Thumb指令, http://www.keil.com/support/man/docs/armasm/armasm_dom1361289850039.htm

  197. Arm Development Studio, https://www.arm.com/products/development-tools/embedded-and-software/arm-development-studio

  198. gcc for ARM, https://gcc.gnu.org/onlinedocs/gcc-3.4.1/gcc/ARM-Options.html

  199. ARM assembler (組譯器), http://www.heyrick.co.uk/assembler/

  200. ARM Assembler (armasm) User Guide, http://www.keil.com/support/man/docs/armasm/

  201. Arm Compiler, https://developer.arm.com/tools-and-software/embedded/arm-compiler

  202. GNU Arm Embedded Toolchain, Downloads

  203. ARM® Compiler Software Development Guide, Version 6.7

  204. GNU ARM Assembler Quick Reference

  205. ARM GCC Inline Assembler Cookbook

  206. arm-linux-gnu-as(1) - Linux man page

  207. List of ARM microarchitectures, https://en.wikipedia.org/wiki/List_of_ARM_microarchitectures

  208. 32-bit Thumb instructions, http://infocenter.arm.com/help/index.jsp?topic=/com.arm.doc.ihi0014q/Cjaifddd.html

  209. RealView Compilation Tools Developer Guide (local copy)

  210. Writing Your First Android App, in Assembly

  211. 'Hello World!' in ARM assembly

  212. Online ARM To Hex Converter, http://armconverter.com, Online HEX To ARM Converter, http://armconverter.com/hextoarm/

  213. Computer Organization and Systems Programming, University of California, San Diego

  214. OWASP Firmware Security Testing Methodology (FSTM), https://github.com/scriptingxss/owasp-fstm

  215. OWASP Embedded Application Security Best Practices

  216. ARM Architecture Reference Manual

  217. ARMv8 Architecture Reference Manual

  218. Arm Cortex®-A75 Technical Reference Manual

  219. Arm Neon, Neon Programmer’s Guide Version: 1.0

  220. 高通驍龍™ 845, https://www.qualcomm.cn/snapdragon/processors/845. Qualcomm Announces Snapdragon 845 Mobile Platform, 4x Kryo 385 Gold (A75 derivative) @ 2.8GHz, December 2017.

  221. 高通驍龍™ 855, https://www.qualcomm.cn/snapdragon/processors/855. Qualcomm Snapdragon 855 First Details (ARM Cortex A76 CPU)

  222. ARM Cortex A75, https://developer.arm.com/products/processors/cortex-a/cortex-a75

  223. Nexus說明, https://support.google.com/nexus/?hl=zh-Hant

  224. 瞭解有關Android作業系統安全性的警告, http://g.co/ABH

  225. Nexus 7 (Android 4.3 ~ Android 6.0.1), 規格: Qualcomm Snapdragon™ S4 Pro (1.5GHz) (ARMv7), 2GB RAM, 7.吋 1920x1200 HD 螢幕

  226. Nexus 9 (Android 5.0.1 ~ Android 7.1.1), 規格: 64 位元 NVIDIA Tegra K1 (ARM64 v8-A), 2GB RAM, 8.9 吋 IPS LCD TFT QXGA (2048x1536)

  227. Nexus 6 (Android 5.0 ~ Android 7.1.1), 規格: Qualcomm® Snapdragon™ 805 (4x Qualcomm® Krait™ 450 CPU) 2.7GHz 四核心處理器(ARMv7-A), 3GB RAM / 64GB ROM, 5.96 吋 AMOLED 1440 x 2560 pixels

  228. Nexus 6P (Android 6.0.0 ~ Android 8.1.0), 規格: Qualcomm® Snapdragon™ 810 (4x ARM Cortex A57, 4x ARM Cortex A53) 2.0 GHz 64 位元八核心處理器(ARM64 v8-A), 3GB RAM / 32GB ROM, 5.7 吋 AMOLED 1440 x 2560 pixels。Nexus 6P 討論區: https://forum.xda-developers.com/nexus-6p/

  229. Pixel手機說明, https://support.google.com/pixelphone/?hl=zh-Hant

  230. Pixel XL (Android 7.1.0 ~ Android 9.0.0), 規格: Qualcomm® Snapdragon™ 821 64位元四核處理器 (ARM64 v8-A) (4x Qualcomm® Kryo™ 2.4 GHz CPU), 4 GB LPDDR4, 5.5吋 AMOLED 1440 x 2560 pixels, Length: 154.7 mm, Width: 75.7 mm。Pixel 討論區:https://forum.xda-developers.com/pixel-xl

  231. Pixel 2 (Android 8.0.0 ~ ), 規格: Qualcomm® Snapdragon™ 835 processor (ARM64 v8-A) (8x Qualcomm® Kryo™ 280 CPU), RAM: 4GB, Length: 145.7 mm, Width: 69.7 mm。Pixel 2 討論區: https://forum.xda-developers.com/pixel-2/ 。Pixel 2 rooting on Android 10, https://www.androidinfotech.com/root-google-pixel-2-xl-android-10/

  232. Pixel 3 XL (Android 9.0.0 ~ ), 規格: Qualcomm® Snapdragon™ 845 (ARM64 v8-A) (8x Qualcomm® Kryo™ 385 CPU), 4GB LPDDR4x RAM, Android 9 Pie 最低3年OS與安全性更新。Pixel 3 XL討論區:https://forum.xda-developers.com/pixel-3-xl 。Pixel 3 XL rooting on Android 10, https://forum.xda-developers.com/pixel-3-xl/how-to/guide-pixel-3-xl-android-10-0-q-t3964117

  233. Qualcomm® Snapdragon™ 865: Qualcomm® Kryo™ 585 CPU (台積電7奈米)

  234. ARM Cortex-A77

  235. 高通驍龍元件列表

  236. Qualcomm® Kryo, https://en.wikipedia.org/wiki/Kryo

  237. Comparison of ARMv8-A cores, https://en.wikipedia.org/wiki/Comparison_of_ARMv8-A_cores