Android applications may leak sensitive information either inherently or as a result of harmful influence. When this happens, it's called an Information disclosure vulnerability. This recipe talks about how to check an application for potential leaks of sensitive information by inspecting the Android logcat, which is used by the application developers as a debugging tool. We will also talk about how you can take advantage of one of Android's built-in benchmarking tools to help make logcat inspection a little more rewarding.
Before we begin, you will need the following: