Explore the critical security implications of Android's Zygote process in this 41-minute conference talk that delves into advanced injection techniques and sandbox bypassing methods. Learn how Zygote functions as Android's foundational process with extensive system privileges and discover how security researchers and malicious actors exploit this architecture. Examine practical demonstrations of code injection tools including Riru and Zygisk, understanding their mechanisms for infiltrating the Zygote process. Master hooking techniques for both native code and Dalvik (DEX) bytecode, gaining insights into how these methods can be used to intercept and modify application behavior at the system level. Investigate the serious security ramifications of Zygote injection attacks, including how they can effectively break Android's sandboxing model and compromise device security, making this essential knowledge for Android security professionals, malware analysts, and mobile security researchers.