This repository contains notes, labs, demo scenarios, case studies, and certificate of completion for the Android Bug Bounty Hunting – Hunt Like a Rat (EC-Council Continue Learning) program.
It provides insights into Android application security, vulnerability exploitation, and bug bounty hunting techniques.
- 📄 01-introduction.md – Course introduction
- 📄 02-android-security-basics.md – Basics of Android security
- 📄 03-recon-methods.md – Reconnaissance methods for Android apps
- 📄 04-static-analysis.md – Static APK analysis
- 📄 05-dynamic-analysis.md – Dynamic analysis techniques
- 📄 06-common-vulnerabilities.md – Common Android vulnerabilities
- 📄 07-exploit-development.md – Exploit development & PoC creation
- 📄 08-reporting-and-mitigation.md – Writing reports & mitigation strategies
- ⚔️ red-team-labs.md – Red Team exploitation labs
- 🛡️ blue-team-defense.md – Blue Team defensive techniques
- 📑 demo-examples01.md – APK analysis demo
- 📑 demo-examples02.md – SQL injection in mobile apps
- 📑 demo-examples03.md – MITM traffic capture demo
- 📑 case-studies.md – Real-world case studies
- 📆 timeline.md – Evolution of Android vulnerabilities & fixes
- 📘 resources.md – Extra resources for learning
- 📘 glossary.md – Glossary of Android security terms
- 📘 index.md – Program overview
- 📘 references.md – References & external sources
- 📘 roadmap.md – Learning roadmap
- 📘 syllabus.md – Detailed syllabus
| Step | Screenshot |
|---|---|
| 🏫 Course Overview |  |
| ⭐ Key Lessons |  |
| 📝 Personal Review |  |
🎓 Android Bug Bounty Hunting – Hunt Like a Rat
This course provided me with hands-on experience in Android application penetration testing.
I learned practical skills in:
- Reconnaissance, static & dynamic analysis of APKs
- Identifying SQL injection, insecure storage, and traffic interception vulnerabilities
- Developing exploits & reporting findings responsibly
It is an excellent resource for anyone preparing to enter mobile bug bounty hunting or Android app security research.
Thành Danh – Red Team Learner & Security Researcher
- GitHub: @ngvuthdanhh
- Email: ngvu.thdanh@gmail.com
This project is licensed under the terms of the MIT License.
See LICENSE for full details.
© 2025 ngvuthdanhh. All rights reserved.