Content providers often hold a lot of valuable information, such as users' phone numbers or Twitter passwords, and you may want to find out whether or not it's possible for malicious attackers to get their hands on this information. The best way to find out whether a content provider is vulnerable to attack is by trying to attack it yourself.

For you to be able to attack a content provider, as with many application-level attacks, it usually comes down to sending a malicious intent to an application. When it comes to content providers, your intent will be honed towards its target by the URI string it contains, since this URI identifies which content provider should handle the intent.

So then there's just one ...