Platform for Experts 
Mobile & Backend Security Testing 
Our Company 
Blog
Contact us
eShard
/
escoaching
/
Static Analysis Android
Novice

Static Analysis of an Android application

This module mainly focuses on static analysis of an Android application. It is split in two parts: the first one focuses on the static analysis of the java code, and the second one on the native code. During this module, you will learn how to find entry points from where one can perform further analyses from the Java code to the Native one. Different techniques and tools will be demonstrated so you can practice.

Covered Topics

What you will learn:

  • Disassemble and decompile an application to start reviewing the code
  • Surface analysis, finding entry points and low hanging fruits
  • Patching an application
  • Use Android Studio to review your code and apply some best practices while reverse engineering the code
  • Tips for reviewing obfuscated code

Exercises

A CrackMe-like challenge is provided as a practical exercise.

Different flags have to be found with only one condition: the trainee has to only perform static analysis to reverse engineer the application and retrieve those flags.

You will have to extract and decompile or disassemble the code to review it.

You will have to apply the tips that were provided while using Android Studio to review the code, especially, obfuscated ones.

Requirements

  • Knowledge of the anatomy of an Android app (if not, Module 1 required)
  • Knowledge of the SMALI syntax (if not, Module 1 required)
  • Knowledge of the Java and C/C++ programming languages
  • Being at ease with Linux-based environment system
  • Knowledge of the Java programming language
  • Beginner level with the tools: GHIDRA, Android Studio, jeb (or any free alternative, like jadx)
Contact us

Practical informations

Overall duration: 5 to 10 days

Schedule: 9:30am - 13pm (CET/CEST) - virtual/in person

Number of trainees: 2 trainees max.

Our Coaches

Tiana
Razafindralambo
CopyRights eShard 2022.
All rights reserved
Privacy policy | Legal Notice
PLATFORM FOR EXPERTS
Side Channel AnalysisLaser & EM Fault InjectionFirmware Security AnalysisSecurity Failure AnalysisVulnerability Research
PROFESSIONAL SERVICES