Get a GIAC Certification Attempt Included or $350 Off with SANS Online Training!


To attend this webcast, login to your SANS Account or create your Account.

Tools and Techniques for Assessing Android Malware

  • Thursday, Feb. 9, 2017 at 9:00 am Singapore / 12:00 pm Canberra (1:00 Thursday, Feb. 9th UTC)
  • Christopher Crowley
This webcast has been archived. You can view the webcast presentation and download the slides by logging into your SANS Portal Account or creating an Account. Click the Register Now button after you have logged in to view the Webcast.

You can now attend the webcast using your mobile device!


SANS Asia-Pacific Webcast Series- Tools and Techniques for Assessing Android Malware

Join us for the next installment of the SANS APAC webcast series, as we take a detailed look at Tools and Techniques for Assessing Android Malware.

Topic: Tools and Techniques for Assessing Android Malware

Presenter: Christopher Crowley, SANS Principal Instructor

Date: Thursday, February 9, 2017

Time: 9:00 am Singapore / 12:00 pm Canberra


Note: This webcast is free of charge however a SANS portal account is required (see webcast link for details)


SANS Asia-Pacific Webcast Series- Tools and Techniques for Assessing Android Malware

Android malware is substantially more common that iOS malware. Android users can choose to disable the Unknown sources Allow installation of apps from unknown sources and install applications from anywhere.


In this webcast Christopher Crowley will show tools and techniques you can use to inspect Android applications to determine if they exhibit malicious behavior. This methodology can be employed as forensic analysis and can also be used in application assessments to determine if an application is suitable for use within an organization.


Malicious behavior includes: persistent root, installation of ad revenue producing apps, and key logger collection of credentials to steal information within protected containers. Malware spreading vectors includes drive by downloads, and fraudulent applications purporting to be pornography. It also tries to trick users into installing software, claiming to be an update, in order to root the phone.


Get a preview of capabilities to be discussed in the upcoming SEC575 in Canberra, ACT March 20th - 26th.

Speaker Bio

Christopher Crowley

Christopher Crowley, a principal SANS instructor and course author for SANS courses in Managing Security Operations and Incident Response Team Management, holds multiple certifications. He received the SANS 2009 Local Mentor of the Year award for excellence in providing mentor classes to his local community. Chris is a consultant based in Washington, D.C., who has more than 15 years of experience in managing and securing networks. His areas of expertise include network and mobile penetration testing, mobile device deployments, security operations, incident response and forensic analysis.

Need Help? Visit our FAQ page or email

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.