The Jiu-Jitsu of Detecting Frida

Frida is hugely popular with Android reverse engineers, and for good reason: It offers runtime access to pretty much everything one could dream of, from raw memory and native functions to Java obje...

More Android Anti-Debugging Fun

In my last blog post, I talked about tampering with the virtual method tables of certain JDWP-related classes in ART. By sprinkling an app with little anti-JDWP tricks, developers can effectively s...

Anti-Debugging Fun With Android ART

Messing with JDWP-related memory structures makes for some nice and stealthy anti-debugging tricks. The first mention I saw of this method was in a 2013 presentation by Bluebox Security, who were g...

Patching and Re-Signing iOS Apps

Running modified iOS binaries on non-jailbroken devices can sometimes be a desirable proposition - especially if you just bricked your last jailbroken iPhone and were forced to update to a non-jailb...

Hooking Android System Calls for Pleasure and Benefit

The Android kernel is a powerful ally to the reverse engineer. While regular Android apps are hopelessly restricted and sandboxed, you - the reverser - can customize and alter the behavior of the o...

Solving an Android Crackme with a Little Symbolic Execution

Binary analysis frameworks provide you with powerful ways of automating tasks that would be almost impossible to complete manually. In this blog, we'll have a look at Angr, a Python framework for analyz...

Mobile Reverse Engineering Unleashed

A series of articles, tutorials and howtos about reverse engineering mobile applications, plus other completely unrelated stuff. New articles will be added here. Index Solving an Android C...