======
unzip app.apk -d /path/to/directory
Files created on external storage such as SD cards are globally readable and writable. Don't store sensitive information here! In addition, you should not store executable or class files because it should be treated as untrusted.
apktool d app.apk
grep "package" ./application/AndroidManifest.xml
fullpath=$(pwd); for file in $(find . -name "*.smali"); do smali a $fullpath/$file; done
adb devices
adb install /path/to/apk
adb push /from /to
adb pull /from /to
adb -s 192.168.0.1:5555 uninstall com.app.local
adb shell 'pm list package'
adb shell 'ps | grep com'
adb connect 192.168.0.28:5555
adb shell
adb -s 192.168.0.165:5555 shell
adb logcat
/system/etc/security/cacerts
/storage/emulated/0/Download
/data/local/tmp
/assets, /res/raw
adb -s 192.168.0.165:5555 push .\9a5ba575.0 /system/etc/security/cacerts
adb remount
application/vnd.android.package-archive
Downloaded 'for personal use'. Created an account and chose existing VirtualBox installation. Clicked the "plus" to add a new device and selected Samsung 10 (2048 MB of memory). Booted up
jadx -d /path/to/output app.apk
d2j-dex2jar.sh /path/to/app.apk
Java Decompiler for .JAR files
apktool d file.apk
./mara.sh -s '/path/to/app.apk'
Decompiles/Scans for security issues
Automated analysis of Android/iOS/Windows for static and dynamic analysis.
Runtime.exec()
ProcessBuilder()
system()
nm -Ca foo.o
nm -D foo.so
objdump -f foo.so
objdump -d foo.so
objdump --section=.text -s -d main.o
objdump -d -j .got /path/to/bin
adb -s 192.168.0.165:5555 reboot; adb -s 192.168.0.165:5555 install .\UnCrackable-Level1.apk
Frida is a dynamic binary instrumentation tool.
frida-ps -U -D 192.168.0.165:5555
frida-trace -i "recv" -i "read" twitter
strings to search: /su,superuser.apk,supersu,busybox
frida -D 192.168.0.165:5555 -l .\fridademo-pinBypass.txt infosecadventures.fridademo
(within JS) var ret_value = this.function(2,5); return ret_value;
frida-trace -D <device> -p <pid> -i "libfoo.so!"
frida-trace -D <device> -p <pid> -i "Java_*""
objection patchapk -s test_app.apk
frida -U gadget
https://11x256.github.io/Frida-hooking-android-part-1/
memory search secretPass --string