Android Reverse Engineering

• Programming: Java, Kotlin, JavaScript, Flutter, other mobile software languages

• Reverse Engineering: Static and dynamic analysis techniques, using tools such as Jadx, Ghidra, Frida, IDA Pro, Burp

• Analyzing, unpacking, and reverse engineering code of malicious applications or SDKs

• ELF (Native Binaries) reverse engineering

• Query languages: SQL

• Android fundamentals: Activity lifecycles, common Android API usage, AOSP

• Techniques used by malicious software

• Mobile App store policies (Ads, PHAs, Developer)

• Reading, comprehending, and analyzing source code

• Security engineering and analysis: Network security, cryptography, authentication security, rooting, packing, network protocols, and interception 

• Signature development (e.g., Yara)

• Threat research (APT using OSINT, Virus Total, ExploitDB, MITRE)

• Vulnerability analysis or security code review

• Android software development

• Google Ads or content moderation

• Capture the Flag (CTF) for mobile software

• Pen testing: Blue Team and Red Team experience

• Signature Development: Experience with developing signatures, such as Yara.

• Threat Research: Research on threats such as Advanced Persistent Threats (APT) using Open-Source Intelligence (Virus Total, Web, ExploitDB, MITRE, etc.).

• Security Engineering and Analysis: In-depth knowledge of security topics, including computer and network security, cryptography, authentication security, rooting, packing, and network protocols.

• Vulnerability Analysis or Security Code Review: Experience with these areas is beneficial.

• Android Software Development: Hands-on experience in Android software development.

• Google Ads or Content Moderation: Familiarity with these areas is a plus.

• Capture the Flag (CTF) Participation: Participation in CTF competitions for mobile software.

• Pen Testing: Experience in pen-testing, with knowledge of Blue Team and/or Red Team methodologies.

• Programming Languages: Strong proficiency in Java and Kotlin; experience with JavaScript, Flutter, and other mobile software languages.

• Reverse Engineering: Experience with analyzing, unpacking, and reverse engineering code of malicious applications or SDKs using tools like Jadx, Ghidra, Frida, IDA Pro, Burp.

• Static and Dynamic Analysis Techniques: Proficient in both static and dynamic analysis methods for identifying malware and other security threats.

• ELF (Native Binaries) Reverse Engineering: Experience with reverse engineering native binaries.

• SQL: Experience developing SQL code to query data and identify common issues in malware analysis.

• Android Fundamentals: Understanding Android activity lifecycles, common Android API usage, AOSP, and Android application development.

• Techniques Used by Malicious Software: Knowledge of various methods used by malware to harm user devices or data.

• Mobile App Store Policies: Familiarity with policies regarding ads, potentially harmful applications (PHAs), and developer guidelines.

• Source Code Analysis: Ability to read, comprehend, and analyze source code.