  • Под капотом

From Idea to CVE: How to Find Vulnerabilities in Android

In Russian

In my talk, I will discuss how to find security vulnerabilities in Android OS and share practical recommendations on where to start, how to choose a target, which methods and tools to use, and what to focus on. We will also cover all the key aspects of creating a high-quality technical report.

I will also provide a detailed explanation of a vulnerability’s lifecycle — from the moment it's discovered to CVE assignment and publication in Android Security Bulletin.

Additionally, I plan to share technical details of some vulnerabilities I have found in Android OS, all of which have already been fixed.

This talk will be valuable for anyone interested in Android security and looking to get into bug hunting.

