In the workshop tools and techniques will be demonstrated to analyze Android applications.
Participants will get basic knowledge about how Android applications are built, how to reverse engineer them, what tools can be used and how to use them, what to look for in the source code, how to convince the mobile application to send data over a proxy and at last how to analyze mobile applications at runtime.
We will start by showing how to connect to an android based phone or emulator using adb. After connecting we will download a demo application. The demo application will be used in further demonstrations where tools like dex2jar, JD-GUI, apktool, Apkyzer will be shown in action. We will also give a brief introduction to smali (language and tool).
In the second part of Hello Android Applications we will focus on the dynamic analysis of APK’s. We will show how to configure your phone to send traffic over a proxy and use Burp proxy tool to intercept and modify traffic. For the dynamic analysis of Android applications we will use Vaccine. Basic introduction about the Vaccine architecture and the process of preparation of an Android application will be given. At the end we will show Vaccine in action.