Penetration Testing on Android and Windows

Maintaining Security/privacy is one of difficult tasks in today’s era. As everyone has digital devices (phones, laptops) people are more vulnerable to security attacks and can easily get targeted for any means. Because of this pandemic,  use of digital devices and services is rapidly increasing than previous years which makes easy for hackers to attack individual and compromise their privacy. Security attacks on mobiles phone are most consistent attacks than desktop attacks. Security attacks on mobile phone generally focused on mobile application to infect them with malicious files and  getting access of victim’s device. Once hacker has the access of victim’s device they transfer the sensitive and private data with the help of applications backdoor to the backup server or to the  hacker’s device. In this paper we have analyzed some application working on android as well as windows. We  are also manually scripting malware. The goal is not to cause any damage to victims/organizations infrastructure but to prevent being attack by unauthorized user. We have designed threat model to detect various threats which helps to identify attack surface, vulnerabilities and loop holes in the system. In this project we have suggested to perform risk assessments to identify new changes which may or may not be harmful for system and these assessments should only be carried out by penetration tester or a professional.