Learn real-world skills from real-world cyber security practitioners. View upcoming Live Online Events.


To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

Tools and Techniques for Assessing Android Malware

  • Wednesday, February 08, 2017 at 8:00 PM EST (2017-02-09 01:00:00 UTC)
  • Christopher Crowley

You can now attend the webcast using your mobile device!



SANS Asia-Pacific Webcast Series- Tools and Techniques for Assessing Android Malware

Join us for the next installment of the SANS APAC webcast series, as we take a detailed look at Tools and Techniques for Assessing Android Malware.

Topic: Tools and Techniques for Assessing Android Malware

Presenter: Christopher Crowley, SANS Principal Instructor

Date: Thursday, February 9, 2017

Time: 9:00 am Singapore / 12:00 pm Canberra


Note: This webcast is free of charge however a SANS portal account is required (see webcast link for details)


SANS Asia-Pacific Webcast Series- Tools and Techniques for Assessing Android Malware

Android malware is substantially more common that iOS malware. Android users can choose to disable the Unknown sources Allow installation of apps from unknown sources and install applications from anywhere.


In this webcast Christopher Crowley will show tools and techniques you can use to inspect Android applications to determine if they exhibit malicious behavior. This methodology can be employed as forensic analysis and can also be used in application assessments to determine if an application is suitable for use within an organization.


Malicious behavior includes: persistent root, installation of ad revenue producing apps, and key logger collection of credentials to steal information within protected containers. Malware spreading vectors includes drive by downloads, and fraudulent applications purporting to be pornography. It also tries to trick users into installing software, claiming to be an update, in order to root the phone.


Get a preview of capabilities to be discussed in the upcoming SEC575 in Canberra, ACT March 20th - 26th.

Speaker Bio

Christopher Crowley

Christopher Crowley, a senior SANS instructor and course author for SANS courses in Managing Security Operations and MGT535 Incident Response Team Management, holds multiple certifications. He received the SANS 2009 Local Mentor of the Year award for excellence in providing mentor classes to his local community. Chris is a consultant based in Washington, D.C., who has more than 15 years of experience in managing and securing networks. His areas of expertise include network and mobile penetration testing, mobile device deployments, security operations, incident response and forensic analysis.

Need Help? Visit our FAQ page or email webcast-support@sans.org.

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.