Main Menu
My Infosec
Main Menu
My Infosec

Reverse Engineering Android Training Boot Camp

This hands-on, three-day Boot Camp will give you the knowledge and skills needed to reverse engineer Android applications. You will learn how to analyze Android APK binary, hostile code and binary vulnerabilities, and also how to see through binary obfuscation schemes.

Award-Winning Training

With over 32 industry awards, 20 years of experience and 50,000 students, it’s easy to see why InfoSec Institute is the industry’s leading information security education provider.

Analysts Recommended

Train with the best! IDC lists InfoSec Institute as Major Player in their Security Training Vendor Assessment.

Course Description

Reverse engineering is a vital skill for today’s expert security professional. Protecting any organization from today’s ever-evolving security threats requires a broad skill set, including everything from reverse engineering malware to discovering binary vulnerabilities.

In this three-day, hands-on course, you will gain the binary analysis skills needed to discover the true nature of any Android APK binary. You will learn how to recognize high-level language constructs (such as branching statements, looping functions and network socket code) critical to performing a thorough and professional reverse engineering analysis of a binary. After learning these important introductory skills, you will advance to analysis of:

  • Hostile code and malware, including worms, viruses, trojans, rootkits and bots
  • Vulnerabilities in binaries, including exposed data, insecure Web connections and flawed cryptographic schemes
  • Binary obfuscation schemes used by hackers, trojan writers and copy protection algorithms

You will also learn how to work with Android SDK and industry-standard Android decompilers, disassemblers, debuggers and security testing tools, such as dex2jar, jadx-gui, APKTool, Drozer and many others. Additionally, you will practice using hex editors and network traffic analyzers, and even learn how to create simple Python scripts through hands-on lab exercises.

Daily Capture-the-Flag Exercises

Capture-the-flag exercises allow you to practice your new Android reversing skills in a real-world environment. Our custom-built Android APKs contain challenges similar to what you may see in real Android malware, helping you apply the skills you learned during the day to real-world reverse engineering scenarios.

View Pricing

We will never share any of your information, spam you or annoy you with pushy sales pitches.

Award-Winning Training

Course Overview

    • Course Introduction
    • Android Applications Overview
      • Types of Android Applications
      • Intro to Java
      • Android Studio
      • Dalvik VM Architecture
      • APK Format
      • DEX (Dalvik Executable) Format
      • Android Security Model
      • Android Stack
      • Application Permissions
      • APK Manager Overview
      • Android File Hierarchy (source code and decompiled app)
      • Application Components (activities, services, content providers, broadcast receivers)
    • Static Application Analysis
      • Android SDK Overview
      • Creating Android Virtual Devices
      • Using the Android Debug Bridge
      • Obtaining APK
      • Disassembling Android Apps
      • Introduction to Smali
      • Smali/baksmali and APKTool
      • Decompiling Android Apps
      • Popular Decompilers (dex2jar, JD, jadx)
      • Code Analysis Example
    • Dynamic Application Analysis
      • Dynamic Analysis Goals
      • Dynamic Analysis Example
      • Network Analysis Tools (tcpdump, Wireshark, Burp Suite)
      • Sniffing HTTPS traffic
    • Debugging Android Applications
      • Debugging Overview
      • Obfuscation Techniques
      • Dealing with Encoding/Encryption
      • Modifying the Application
      • Building and Re-compiling Applications
      • Signing and Re-signing Applications
      • ARM Assembly
      • Debugging with gdbserver
      • Reversing Example
    • Hands-on lab exercises include:
      • Building and running Android Virtual Devices
      • App decompilation and code analysis with jadx-gui
      • App disassembly with APKTool
      • Examining an application with hidden functionality
      • Analyzing network communications
      • Intercepting and examining SSL encrypted Web connections
      • Static and dynamic analysis using Drozer
      • Interacting with broadcast receivers
      • Analysis with MobSF
      • Baksmaling, modifying, building, signing and installing an app
      • Reversing Phonegap/Cordova apps
      • Debugging a defensive app
      • Modifying a malicious app for reversing
      • Reversing a Xamarin app
      • Manual deobfuscation

    Due to the ever-evolving security industry, course content is constantly updated. Course syllabus is subject to change.

    Additional Information

    Learn From Experts

    All our Reverse Engineering Android Boot Camp instructors actively work in the field of incident response or security research. They have spoken at high-profile conferences and industry events such as Black Hat Briefings, the RSA Security Conference and Pentagon Security Forum.

    How You Benefit

    1. Gain in-demand reverse engineering skills. Very few information security professionals, incident response analysts and vulnerability researchers have the ability to reverse binaries efficiently. This course will put you at the top of your field.
    2. Learn the methodologies, tools and manual reversing techniques used in real-world scenarios.
    3. Move beyond automated input and output testing of binaries commonly used by fuzzers and other analysis tools.
    4. Get hands-on experience in our dedicated reversing lab.

    What’s Included

    • Expert Android reverse engineering instruction from a senior instructor with real-world experience and deep knowledge of course content
    • A personal learning experience in a guaranteed small class size — less than 10 to 16 students!
    • Lunch and assorted snacks (for On-Site students only)
    • Lecture, lab exercises and text book

    Book your course

      What Our Students Are Saying

      Without any question, InfoSec has the most gifted individual instructors. Our instructor for this class was both an excellent educator and a premier/world class security expert. He was able to clearly explain and impart to the students, the most complicated security techniques I have ever heard of or imagined. I simply can not find the words to recommend him and Infosec security training more highly.
      JH

      John Hollan GE

      Advanced Ethical Hacking Training Boot Camp
      Ready to get started? Get instant pricing for this award-winning boot camp. View course pricing
      View instant course pricing