Reversing Android malware for the Smart and Lazy

Back to the list of Speakers and Sessions
Watch the stream
Android malware are packed and obfuscated. There are many ways to defeat this as a reverse engineer. Disassembly with Baksmali, Androguard, JADX etc is rewarding but long (and painful?). If you are just interested in the result (unpacked executable, non obfuscated), there are more efficient tools. In this workshop, hands-on lab will introduce you to Dexcalibur and House. You will unpack and de-obfuscate an Android malware in virtually no time (well, 3 hours for your first time :D).

Pre-requisites/assumed knowledge:

This workshop is best suited for intermediate to advanced reverse engineers/researchers. Basically, you need to be at ease in a Unix environment + be able to read and write small programs.

Participants should prepare by:

Before the workshop, it is recommended to

(1) Download and install Android Studio (2) Setup an Android emulator x86_64 without Google Play

Other software will be installed during the workshop.