Description
In this course, you will learn:
- A thorough understanding of the Android app structure.
- How to exploit Activities, BroadcastReceiver, and ContentProvider (SQL Injection and Path Traversal).
- Bypassing Rooting Detection (SMALI and FRIDA)
- Bypassing Certificate Pinning (SMALI and FRIDA)
- Executing a man-in-the-middle assault.
- Analyzing and manipulating the network traffic of a mobile application.
- Creating call and flow graphs to reverse engineer heavily obfuscated applications.
- Manipulating Java and C/C++ methods (FRIDA & SMALI)
- Reading- / Writing SMALI code
- Injecting own (custom) code into existing applications
- Deep understanding of the android permission model
- Modifying games (infinite lives, high score, invisble, invincible) - Writing a trainer
- Analzying bluetooth low energy connections
- Dealing with different encryption types (e.g. AES)
- Deep- / Web- / App-Links (Bug Bounty)
- Reversing native libraries with Ghidra
- Debugging Java code
- Debugging SMALI code (live - with interpreter)
- Webvies & JavaScriptInterfaces
Syllabus:
- Installation and Setup
- App Structure
- Reverse Engineering Android Apps
- Smali
- Man in the Middle
- FRIDA
- CTF - Series (New 2024!)
- Additional Files