Android Malware Analysis and Security Course


Technical auditing and digital forensics

Course category

Digital forensics





Course Description

If you want to improve your professional skills in malware and application analysis on Android systems, do not hesitate to enrol in this course in which you will be taught completely up-to-date content. The course is in Spanish.

Currently mobile devices (Smartphone, tablets, etc.) benefit millions of users on a daily basis, and contain confidential information of each and every one of us, due to this fact they are a clear target for cybercriminals. By analyzing the escalation of cybercrime in these devices, it is clear that their security has already become a serious concern for companies, public administrations and individuals.

In this course you will learn different methods and techniques to perform security analysis on Android devices. You will study different applications in search of vulnerabilities and finally perform an analysis of a malware used by cybercriminals on Android devices.

With a total duration of 120 hours, divided between practical and theoretical units, you will benefit from the most complete, up-to-date and low-cost Android security and malware analysis course on the market. You will also be able to follow it from the comfort of your own home, studying according to your own schedule and at your own pace. You will have a total of 12 months to finish the theoretical part and 3 additional months for the practical part.

It is advisable for the student to have basic knowledge of Android systems. In addition, it is essential for the student to have a computer with at least an i5 processor, 8GB of RAM, and an Internet connection in order to download all the labs and material from the virtual learning platform.

In order to obtain the Certificate of Training for the course, the student must take a 15-question multiple-choice exam with a pass mark of 60% or more of the course contents. He/she must also take a practical exam which must be passed with a minimum grade of 60%. The corresponding certificate will be provided through a badge validation platform, simplifying its presentation to various interested entities.

Course aims

  • This course provides the necessary conceptual and practical knowledge for performing analysis in search of behaviours and possible vulnerabilities within Android applications.
  • You will acquire basic practical skills for performing code analysis audits on Android APPs, using a recognized common methodology.
  • With this course, you will gain the necessary knowledge on the standard methodology for performing code analysis audits of Android system applications at a professional level with their corresponding executive and technical reports.
  • This course has a mainly hands-on approach, making it easy for the student to learn and apply the acquired knowledge.
  • The course includes internationally recognized steps, standards and best practices to comply with.

1. General Concepts of Cybersecurity – Ethical Hacking

  • Introduction to Cybersecurity – Ethical Hacking.
  • The need for Cybersecurity in today’s world.
  • Hacker terminology.
  • Ethical hacking vs. vulnerability scanning.

2. General Cybersecurity in Smartphone

  • Fundamentals of security.
  • Access codes.
  • Application signatures.

3. Cybersecurity in Android systems

  • System architecture.
  • Security in Android systems.
  • OWASP top 10.

4. Laboratory preparation

  • Analysis lab setup.
  • Description of the tools.
  • Other distributions.

5. Types of analysis and Android applications

  • Types of analysis: static and dynamic.
  • Types of malware on Android platforms.
  • Applications to be analyzed.

6. Vulnerability analysis in Android applications

  • Introduction and disclaimer.
  • Static analysis of selected applications.
  • Static and dynamic analysis of a banking APP.

7. Analysis of malware on Android

  • Creation of a malicious apk.
  • Analysis of the malicious application.
    1. Preliminary static analysis.
    2. Analysis of the apk package.
    3. Certificate analysis.
    4. Analysis of the source code.
    5. Final conclusion.

8. Final conclusions

9. Final exam and case study – JMSec Certificate of Completion

  • Final theoretical exam.
  • Case study analysis of an Android application.

X. Additional resources

  • Android memory dump for further analysis.
  • Characteristics, security and weaknesses of the NFC protocol.

Course structure on the study platform


The course will be imparted using the following elements:

  • During the course the student will be given videos, documents in PDF format and other resources.
  • The student will have to perform workshops and practical laboratories through the use of virtual machines duly configured and prepared for the course in question.
  • The student will take a final test, as well as a practical test, in order to demonstrate the knowledge acquired throughout the course.

This course is also designed to be able to be taken offline using the different downloadable resources provided, so that each student can progress at their own pace.