Notes - MCS
Reverse Engineering
Notes - MCS
Reverse Engineering
  • Reverse Engineering
  • Introduction to Reverse Engineering
    • What is Reverse Engineering (RE)
    • RE Concepts
    • When do we have RE activities?
    • Why RE is Relevant and Required
    • Limitations of RE
    • Legal Framework
    • What RE Recovers?
    • Software Reversing
    • Low-level languages
  • Files and Filetypes
    • Files
    • File extensions
    • File Signature
    • Content Type Obfuscation
  • Android – Static Analysis
    • Java Language
    • Application Entry Points
    • Application Structure
    • AndroidManifest.xml
    • Exercise 1
    • Exercise 2
    • Exercise 3
    • Exercise 4
    • Native Applications
    • Java Native Interface
    • Android Native Development Kit (NDK)
    • Android binary libraries
    • JNI Dynamic Linking
    • JNI Static Linking
    • Exercise 5 and 6
    • Web and Hybrid applications
  • Android – Dynamic Analysis
    • Dynamic Analysis
    • Logs
    • Network MiTM
    • Certificate Pinning
    • Dynamic Code Instrumentation
    • Dynamic Binary Instrumentation
    • FRIDA
  • Binary Analysis
    • Binary Objects
    • Executable Symbols
    • What is inside an Object File?
    • ELF Files
    • ELF Program Headers
    • Dynamic Linker
      • Example
    • Binary Analysis Process
    • Function detection
    • Calling Conventions
    • Common Logic Structures
    • C++ code
  • Emulation and Instrumentation
    • Dynamic Binary Analysis
    • Considerations
    • Processes
    • Dynamic Binary Instrumentation (DBI)
    • DBI with Qiling
  • Obfuscation Techniques
    • Obfuscation Techniques
    • Content Type Obfuscation
    • Code Obfuscation
  • Serial Communication
    • Comunicação paralelo
    • Comunicação série
    • Sincronização entre transmissor e recetor
    • Sincronização de relógio
    • Transmissão de dados
    • Topologias de comunicação série
    • Elementos de uma ligação série
  • A interface RS-232C
    • RS-232C
    • Estrutura da trama
    • Camada física
    • Taxa de transmissão (baudrate)
    • Receção de dados
    • Identificar parâmetros de comunicaçãoIdentificar parâmetros de comunicação
    • Encontrar a UART
    • Captura de sinais
  • Norma SPI
    • Introdução
    • Descrição geral
    • Operação
    • Simulação do master SPI
    • Arquiteturas de ligação
    • Tipos de transferências
    • Configuração de um master SPI
    • Procedimento para identificação dos sinais
    • Exemplo
  • Norma I2C
    • Introdução
    • Caraterísticas básicas
    • Exemplo de interligação num barramento I2C
    • Terminologia
    • Masters e Slaves
    • Sinalização
    • Endereçamento
    • Transferência de dados
    • Clock stretching
    • Múltiplos masters
    • Arbitragem
    • Endereços reservados
Powered by GitBook
On this page
  • Static Analysis
  • Dynamic Analysis
  • Objective
  • What can be analyzed
  1. Android – Dynamic Analysis

Dynamic Analysis

Static Analysis

Open the application and deduct how it works.

  • The researcher must deduct the Data Flow.

  • External Data or Actions may change the application behaviour.

    • Change the code path.

    • Inject instructions.

  • Issues may be found in the sequence of events or the state machine.

Dynamic Analysis

Observe the application while running, allowing it to obtain information about its dynamic characteristics.

Objective

Observe the application's dynamic behaviour and determine each code's role.

What can be analyzed

  • Messages are exchanged with external servers (REST APIs, Web Sockets).

  • Intents sent or received.

  • Logs printed (errors, debug messages).

  • Files accessed/ created.

  • Memory content.

  • With code instrumentation: calls to methods, especially Android API methods.

Last updated 1 year ago