02-11, 13:00–17:00 (UTC), Workshops - Glamorgan Suite
Extract, reverse, and exploit Android applications.
Come to this workshop if you're new to offensive security, want to develop your skills in reverse engineering, or if you're interested in Android application internals. During the four hours we'll dive into:
- The fundamentals of the Java programming language
- How Android applications are developed
- How to reverse Android application's and identify common security misconfigurations
- How to patch and dynamically instrument Android applications for security testing
Summary
This workshop will be broken down into three sections,: an introduction and talk on the fundamentals, a guided challenge / exercise, followed by free-form challenges and activities. By the end of this workshop you'll be able to develop simple Android applications, reverse Android applications to both Java and SMALI, and apply other dynamic techniques to your reverse engineering efforts such as using Frida and Patching.
Prerequisites
- A foundation knowledge of Linux CLI use
- A laptop that can run a virtual machine (with VMWare Player or equivalent installed)
- An Android Phone with ADB enabled or Android Studio installed with an emulator (please check the emulator works before hand).
About James
James is a vulnerability researcher focusing on the Android system and applications. James has over five years experience in the industry and has worked in a variety of roles from startups to global organizations.
I’m a Software Engineer and Security Researcher, with a background of over five years in the computer security industry. These days I’m working at an offensive security start-up, as well as working on a range of other side projects.