Android Recon
- Find information about the company online.
-
Find the target on the Play Store or App Store:
-
Read reviews of the app:
- You might face a bug that affected someone else.
- Look for hints of possible security vulnerabilities in the comments.
- Apps with lower reviews might be a better target because they have less attention from the dev team.
-
Enumerate who created the app and who released it:
- Note down information about the periodicity of the releases.
- Look for hints of security vulnerabilities in release notes.
- Check list of permissions of the application.
- Compare the list of apps in the Play Store and on the App Store: if there is an app only on Android it might be newer and more interesting to explore.
-
Read reviews of the app: