Details of the offer for Android application analysis internship offer: logical bugs and shade analysis M/W about r-d at RandoriSec in Paris

As part of its development, RandoriSec is looking for an intern (M / F) who would like to join a consulting firm specializing in offensive security. The candidate will join the team dedicated to R&D on reverse engineering issues and vulnerability research. The Android ecosystem has been constantly evolving for many years and the userland layer presents an attractive surface: the applications are as close as possible to the users, many applications even come pre-installed on smartphones, all different depending on the manufacturer.

How do you correctly identify the attack surface? What are the means for an application (or application chain) to elevate its privileges?

How to automate all these actions on mass analysis of applications?

The intern will be responsible for: - Achieve a state of the art of Android logical bug exploitation techniques;

- Take over and improve the team's existing analysis tool, in particular by integrating a shade analysis;

- Validate development work by finding vulnerabilities by writing exploitation codes.

Required profile :

- Fluency in Java and Android;

- Programming in Python;

- Willingness to explore topics related to vulnerability research and reverse engineering;

- Proficiency in English and French.

Internship based in Paris (75004), near the Chatelet metro station.

The internship may lead to a permanent hiring within the team.