Contact person: Android App Pen-Testing Required

Phone:Show

Email:Show

Location: Hyderabad, India

Budget: Recommended by industry experts

Time to start: As soon as possible

Project description:
"I have an in-house Android application that now needs a thorough security health-check. The goal is a full ethical hacking engagement focused on uncovering vulnerabilities in its APK, backend interactions, and data-storage practices, then documenting clear, actionable fixes.

Scope
• Perform a penetration test against the latest production APK and any exposed APIs.
• Emulate real-world attack vectors—static and dynamic analysis, network traffic interception, insecure data storage checks, and reverse-engineering attempts using tools such as MobSF, Burp Suite, Frida, or equivalent.
• Keep testing strictly black-box; source code will not be shared.

Deliverables
1. A concise executive-level summary highlighting overall risk.
2. A technical report listing each finding, its CVSS score, reproduction steps, screenshots or PoC scripts, and recommended remediation.
3. A verification re-test once fixes are applied to confirm closure of all critical and high-severity issues.

Acceptance Criteria
• At least one exploitable issue (or confirmation none exist) is demonstrated.
• All findings are reproducible from the steps provided.
• Reports are delivered in PDF and editable format within the agreed timeline.

The work must remain 100 % ethical and compliant with relevant laws; only the authorised APK, endpoints, and test credentials I supply may be touched." (client-provided description)