-
Similar Content
-
By itsMe
Dexcalibur
Dexcalibur is an Android reverse engineering platform focus on instrumentation automation. Its particularity is to use dynamic analysis to improve static analysis heuristics. It aims to automate boring tasks related to dynamic instrumentation, such as :
Hidden Content
Give reaction to this post to see the hidden content.
Decompile/disass intercepted bytecode at runtime
Write hook code and Manage a lot of hook message
Search interesting pattern/things to hook
Process data gathered by hook (dex file, invoked method, class loader, …)
and so … But not only that, because Dexcalibur has its own static analysis engine and it is able to execute a partial piece of smali.
Features and limitations
Actually, the biggest limitation is Dexcalibur is not able to generate source code of hook targeting native function (into JNI library). However, you can declare manually a Frida’s Interceptor by editing a hook.
Assuming Dexcalibur does not provide (for the moment) features to analyze native parts such as the JNI library or JNA, only features and limitations related to the Java part have been detailed.
Analysis accuracy depends on the completeness of the Android API image used during the early steps of the analysis. That means, if you use a DEX file generated from the Android.jar file from Android SDK, some references to internal methods, fields, or classes from Android java API could be missing. Better results are obtained when the analysis starts from a “boot.oat” file extracted directly from a real device running the expected Android version.
Hidden Content
Give reaction to this post to see the hidden content. Changelog v0.7.8
Fixed issues :
#43, #42 : Better detection and remediation of issues related to target platform and to target device
Improvements :
SmaliParser works on Windows
Add support of Android API 30
Hidden Content
Give reaction to this post to see the hidden content. -
By itsMe
Hidden Content
Give reaction to this post to see the hidden content. What you'll learn
Penetration Testing with Android Application
Hacking Mobile Application
Reverse Engineering of APK
Requirements
Learning Mindset
Description
This course includes customized VM with pre-installed tools which will save your time in installing multiple tools required for penetration testing of mobile applications.
- Start from Android architectures basics.
- Get a Customized VM with pre-installed tools
- Automated the Mobile Application Testing Process
- Covers Mobile applications reverse engineering.
- Practice on real world mobile applications.
- Build your own home lab on mobile application security.
- Provides you the skills necessary to perform Penetration tests of mobile applications.
- Automate the process of Mobile Testing
- Cover OWASP Top 10 vulnerabilities
Syallabus includes:-
Syllabus:
Introduction To Mobile Apps.
Mobile Application Security.
Mobile Application Penetration Testing.
The most common areas where we find mobile application data resides.
The Architecture of Android.
The App Sandbox and the Permission Model.
AndroidManifest.xml File.
Android Compilation Process.
Android Startup Process.
Android Application Components.
Setup a testing environment.
Android Debug Bridge (adb).
intercept and analyze the network traffic.
Reversing an Android application.
OWASP top 10 vulnerabilities for mobiles.
Install DIVA (Damn insecure and vulnerable App).
Insecure Logging Issue.
Insecure Data Storage.
Database Insecure Storage.
Insecure Data Storage Inside Temporary Files.
Hardcoding Issues.
NOTE: This course is created for educational purposes only.
Who this course is for:
Penetration testers
Forensers
Mobile App Developers
IT personnel
Anyone who has a personal or professional interest in attacking mobile applications.
All who wants to start their carrier in android security.
Who this course is for:
Android Penetration Testing
Hidden Content
Give reaction to this post to see the hidden content.
Hidden Content
Give reaction to this post to see the hidden content.
Hidden Content
Give reaction to this post to see the hidden content. -
By itsMe
Hidden Content
Give reaction to this post to see the hidden content. Update 30.01.2021 - Fusion Edition
You can multiple operation handle; multiple files upload and download, while watch live cam or screen watch, download or upload files multiple.
Builder error fixed. Now there no will be error.
Performance increased.
while Doze Mode (sleep mode) your victim can connect by hand Alarm Manager to server and communicate wtih you.
If server has no internet, victim can re-connect to server while internet avaible on Server.
Snapshot from camera is currently disabled by me. [I'm too lazy for re-coding this for new Socket instance :)].
Added settings for emui devices(huawei, oppo, honor etc....) for background working.
and some bug fixing, performance stabilisations etc......
Version 3
+Added live Camera stream (with resolution,zoom,flash,quality controls and scene,focus,white balance mode)
+Fixed loss data transfer
+Some excess codes have been removed
+Performance has been increased
Hidden Content
Give reaction to this post to see the hidden content. -
By itsMe
Hidden Content
Give reaction to this post to see the hidden content. APKiD gives you information about how an APK was made. It identifies many compilers, packers, obfuscators, and other weird stuff. It’s PEiD for Android.
Hidden Content
Give reaction to this post to see the hidden content. -
By dEEpEst
ETHICAL HACKING USING ANDROID DEVICE
In This Course You Get Some Videos Tutorials For Learning Hacking Using Android Devices
LINK -
Hidden Content
Give reaction to this post to see the hidden content.
-
