Malicious Android app for security testing

Abstract

This bachelor’s thesis details the design, implementation, and deployment of a prototype of an Android application that is used for an illustrative example of how applications in a given operating system can use permissions to access user's sensitive data. Application uses only built-in Android API and it can access and transmit different kinds of user’s sensitive information including photos, downloaded files, location, SMS messages, and call logs. The output of this thesis can be used to enhance the digital literacy of users.