Dynamic Analysis
Static Analysis
Open the application and deduct how it works.
The researcher must deduct the Data Flow.
External Data or Actions may change the application behaviour.
Change the code path.
Inject instructions.
Issues may be found in the sequence of events or the state machine.
Dynamic Analysis
Observe the application while running, allowing it to obtain information about its dynamic characteristics.
Objective
Observe the application's dynamic behaviour and determine each code's role.
What can be analyzed
Messages are exchanged with external servers (REST APIs, Web Sockets).
Intents sent or received.
Logs printed (errors, debug messages).
Files accessed/ created.
Memory content.
With code instrumentation: calls to methods, especially Android API methods.
Last updated