Please log in to watch this conference skillscast.
Although hard to see at a first sight, Android applications are not completely safe – with appropriate techniques they can be reverse engineered, and the insights can be accessible by any person with the right knowledge.
Through those techniques all the valuable data from the application can be accessed – not only graphical resources, but also secret tokens, HTTP address used for connecting our own web services, passwords, algorithms, etc. Creating safe applications and knowing which techniques will prevent unauthorized access to the source code and our resources is a must nowadays.
This workshop will present three use cases on how applications can be reverse engineered. First, a single application will be decompiled, modifications will be applied on its source code, and we will see how this application can be compiled again. Secondly, we will show how we can extract from a crackme key information, such as the algorithm used to validate a key. Last, we will see a real case of reverse engineering of an application: how can we make a real code injection within an existing application.
The second part will show which tools and techniques can be used to prevent attacks. ProGuard will be introduced as the main tool to obfuscate our code, but also some general good programming and developing practices will be introduced.
The attendee will be familiar after this class also with techniques to protect stored data and to secure server interactions.
YOU MAY ALSO LIKE:
- Real World Kotlin Development Workshop (in London on 1st - 2nd July 2019)
- Fast Track to Android Architecture (in London on 21st - 23rd October 2019)
- droidcon London 2019 (in London on 24th - 25th October 2019)
- Keynote by Markus Eisele on Java in the Age of Containers and Serverless (in London on 20th June 2019)
- Keynote by Emily Jiang on On Stage Hacking: Build 12-Factor Microservices in an Hour (in London on 23rd July 2019)
- Android Home-screen Widgets with Flutter (SkillsCast recorded in April 2019)
- Full Stack Testing of Flutter Apps (SkillsCast recorded in April 2019)
Reversing Engineering Android applications (and protecting them)
Enrique is a Google Developer Expert, and Mobile Engineer at Sixt in Munich. Among other projects he has been involved with DriveNow, Sixt and myDriver. He spends his free time developing OpenSource code, writing articles, learning languages or taking photographies. He loves nature, beer, traveling, and talking about him in third person