android Software Development
Tbilisi, T'bilisi, Georgia
Android reverse engineering & malware injection. As Android engineers, we often like tinkering with the platform and for us, it is much easier to recognize some patterns while analyzing malicious code which gives us a huge advantage. This talk aims to explore the basics of reverse engineering, trending tools. How to decompile, disassemble the application, how to find malicious code snippets, and what are the possible pitfalls. Difference between static and dynamic analysis. A little bit about Smali and DEX compilers. We will have 2 live demos. First: show how to reverse engineer an application and second: at the end of the session, we will decompile APK, plant malicious code, repackage again and install it on the device to test it for educational purposes. Also will provide some introductory info on what is the Catch The Flag challenges and how we can practice.
Advanced talk, 30 and more minutes. Available demos. 45 minutes perfect
droidcon APAC - https://www.droidcon.com/media-detail?video=491027100
OWASP Tbilisi 2020 - https://youtu.be/LwEPvOx-2fU (Georgian)
Slides: https://speakerdeck.com/tatocaster/reverse-and-inject-droidcon
Software Engineer with 8 years of experience, specializing in Android. An active contributor to AndroidX libraries. He is a fan of all things in software engineering. Out of work, Merab maintains an active podcast about work ethics and career growth and writes tech blogs. He is a GDG organizer and speaker at international conferences (DroidCon, DevFest, OWASP) and beyond. Community builder. Does 1:1 mentoring. Alongside his technological pursuits, he is an amateur cyclist and runner.
references:
https://www.droidcon.com/media-detail?video=491027100 - droidcon APAC 2020
https://youtu.be/LLtzvEDqedM - DevFest Tbilisi/Vienna/Yerevan 2019
https://youtu.be/9DVg2XymmSI?t=375 - Nullcon 2021
https://youtu.be/KUzIGjxoMO0 - Software Development Webinar 2020
https://youtu.be/LwEPvOx-2fU - OWASP Tbilisi 2020
https://tatocaster.medium.com/
https://debuggerpodcast.ge