# Android Mobile Application Checklist * [AMA-001 - Manifest File Review](https://pentestlab.blog/2017/01/24/security-guidelines-for-android-manifest-files/) * [AMA-002 - Insecure WebView Implementation](https://pentestlab.blog/2017/02/12/android-webview-vulnerabilities/) * AMA-003 - Lack of Certificate Pinning * AMA-004 - No Rooting Detection * AMA-005 - Application Certificate * AMA-006 - Lack of Code Obfuscation * AMA-007 - Plaintext Data * [AMA-008 - APK Payload Injection](https://pentestlab.blog/2017/06/26/injecting-metasploit-payloads-into-android-applications-manually/)