The starting point of every security enthusiast or penetration tester with an interest in mobile security is to build a penetration testing lab that will contain multiple mobile applications which are vulnerable by design. Of course commercial experience from lab experience is always a different story however in the lab someone can familiarize with the tools, vulnerabilities and the general methodologies for mobile testing.

The following list contains all the vulnerable Android applications that are publicly known and it can allow someone to test his mobile security skills safely:

The list can be also found in the associate GitHub repository.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s