Skip to main content

android

2026


Reverse Engineering Android Malware Apps

·23 mins
Android Malware Analysis # The goal: Understand android APK malware analysis Learning points: Understand malware and analyze an Android RAT Static and dynamic analysis using JADX, apktool and android emulator Learn how to reverse android apps Understand different types of android malware: RAT vs stalkerware Understanding the different android components in relation to malware abuse Ahmyth app # This is the aplication we will analyze: https://ahmyth.com/. AhMyth is an open source Remote Access Trojan(RAT) developed for the Android operating system. Malware is anything that does some action the end user has not consented to and they run in the background stealing user data remotely.

Android Pentesting with AndroGoat

·14 mins
Android Pentesting # To sharpen my skills, I recently took a deep dive into AndroGoat—a deliberately insecure Android application designed to showcase the most common OWASP Mobile Top 10 vulnerabilities. In this post, I’ll walk through how I combined both static and dynamic analysis to uncover hardcoded secrets, bypass security checks with Frida, and extract sensitive data from local storage. My pentesting toolkit: My pentesting tookit included: Jadx-GUI: For decompiling and reading Java/Kotlin source code. The Android Debug Bridge (adb)**: The “command line” for interacting with the emulator on android studio. Frida: For dynamic instrumentation. Instrumentation is the art of imjecting new functionality to the application at runtime e.