Learn techniques for quickly identifying and bypassing Android app protection schemes in this conference talk from LevelUp 2017. Discover methods to efficiently reverse engineer applications and overcome obstacles like packers, obfuscators, and anti-debugging measures. Gain practical skills to accelerate bug hunting and improve your return on investment in mobile bug bounty programs. Explore tools and strategies for penetrating the core of Android apps, allowing you to find vulnerabilities faster. Apply these insights to enhance your mobile security testing capabilities and increase your success in bug bounty hunting.
Identifying & Avoiding Android App Protections - Tim Strazzere, LevelUp 2017
Overview
Syllabus
Intro
WHY THE EVADE IN THE TITLE?
DON'T DO WORK FOR FREE
HUNTING IN BUG BOUNTIES IS A SKILL
APPLYING THIS TO MOBILE BOUNTIES
IDENTIFYING YOUR OBSTACLES
EVADING YOUR OBSTACLES
DON'T REINVENT THE WHEEL
PSEUDO DECRYPT
KONY GETS ANGRY...
ANGRY MEANS WE EVADE HARDER
VICTORY!
WHAT TO DO WITH THIS?
LESSON LEARNED?
OTHER BUG BOUNTY TLDRS
SOAPBOX
REFERENCES AND RESOURCES
GOOD LUCK HUNTING!
Taught by
Bugcrowd
