Android Mobile App Pen Test

I need a thorough penetration test on a single Android mobile application that is nearing public release. The goal is to uncover real-world vulnerabilities—authentication flaws, insecure storage, broken crypto, exposed APIs—before any user ever downloads the app. I will supply the signed APK, test accounts, and endpoint documentation; you bring your tooling, methodology, and defensive mindset. Please follow the OWASP Mobile Security Testing Guide and standard red-team techniques (Burp Suite, Frida, adb, static and dynamic analysis, etc.) while keeping the attack surface strictly limited to the app and its associated backend. Deliverables • Executive-level summary highlighting overall security posture • Technical report detailing each finding: risk rating, reproduction steps, screenshots/PoCs, and remediation advice • Proof-of-concept scripts or logs for critical issues • Retest verification after fixes (one round) The engagement must remain confidential under an NDA, and all testing must respect relevant laws and app store policies. Let me know your estimated timeline and the tools you prefer to use so we can schedule access and kick off the assessment.

Project ID: 39731292