Testing and Securing Android Studio Applications -- Table of Contents -- Testing and Securing Android Studio Applications -- Credits -- About the Authors -- About the Reviewers -- www.PacktPub.com -- Support files, eBooks, discount offers, and more -- Why subscribe? -- Free access for Packt account holders -- Preface -- What this book covers -- What you need for this book -- Who this book is for -- Conventions -- Reader feedback -- Customer support -- Downloading the example code -- Errata -- Piracy -- Questions -- 1. Introduction to Software Security -- Software security terms -- Threats, vulnerabilities, and risks -- Threat -- Vulnerability -- Risk -- Secure code-design principles -- Testing the basics -- Summary -- 2. Security in Android Applications -- The mobile environment -- An overview of Android security -- Permissions -- Interapplication communication -- Intents -- Content providers -- Summary -- 3. Monitoring Your Application -- Debugging and DDMS -- Threads -- Method profiling -- Heap -- Allocation Tracker -- Network Statistics -- File Explorer -- Emulator Control -- System Information -- Summary -- 4. Mitigating Vulnerabilities -- Input validation -- SQL injection -- Permissions -- Handling a user's data and credentials -- Interapplication communication -- Securing Intents -- Securing the content providers -- Summary -- 5. Preserving Data Privacy -- Data privacy -- Shared preferences -- Files in the internal storage -- Files in the external storage -- The database storage -- Encryption -- The encryption methods -- Generating a key -- Using encryption to store data -- Summary -- 6. Securing Communications -- HTTPS -- SSL and TLS -- Server and client certificates -- Keytool in the terminal -- Android Studio -- Code examples using HTTPS -- Summary -- 7. Authentication Methods -- Multifactor authentication -- The knowledge factor.

The possession factor -- The inherence factor -- Login implementations -- AccountManager -- Summary -- 8. Testing Your Application -- Testing in Android -- Testing the UI -- The uiautomator API -- The UiDevice class -- The UiSelector class -- The UiObject class -- The UiCollection class -- The UiScrollable class -- The uiautomatorviewer tool -- The UI test project -- Running UI test cases -- Summary -- 9. Unit and Functional Tests -- Testing activities -- The test case classes -- Instrumentation -- The test case methods -- The Assert class and method -- The ViewAsserts class -- The MoreAsserts class -- UI testing and TouchUtils -- The mock object classes -- Creating an activity test -- Creating a unit test -- The unit test setup -- The clock test -- The layout test -- The activity Intent test -- Creating a functional test -- The functional test setup -- The UI test -- The activity Intent test -- The state management test -- Getting the results -- Summary -- 10. Supporting Tools -- Tools for unit testing -- Spoon -- Mockito -- Android Mock -- FEST Android -- Robolectric -- Tools for functional testing -- Robotium -- Espresso -- Appium -- Calabash -- MonkeyTalk -- Bot-bot -- Monkey -- Wireshark -- Other tools -- Genymotion -- Summary -- 11. Further Considerations -- What to test -- Network access -- Media availability -- Change in orientation -- Service and content provider testing -- Developer options -- Getting help -- Summary -- Index.