Trueseeing: Effective Dataflow Analysis over Dalvik Opcodes

•

0 likes•643 views

Takahiro Yoshimura

Slide for #defcon25 Demo Labs.

Technology

TRUESEEING:
EFFECTIVE
DATAFLOW
ANALYSIS
OVER DALVIK
OPCODES
Takahiro / Ken-ya Yoshimura
(@alterakey / @ad3liae)

WHO WE ARE
➤ alterakey
➤ Security Researcher
➤ iOS/Android Apps
➤ Android System
➤ Network
➤ ad3liae
➤ Security Researcher
➤ iOS Apps
➤ At Monolith Works Inc.

MOBILE APP SECURITY
➤ Attack Vectors
➤ Malicious App
➤ Malicious User
➤ Risks
➤ Vulnerabilities
➤ Unwanted Behaviors

FINDING VULNERABILITIES
➤ Static Analysis
➤ Reversing the target and deriving its behavior
➤ Reversing data ﬂow is important
➤ Decompilers (such as JD-GUI) are essential tools
➤ Decompiling takes time 
➤ Dynamic Analysis
➤ Running the target and seeing its behavior

PROBLEMS
➤ Dynamic Analysis
➤ Often unwanted :(
➤ Obfuscation
➤ Common practice
➤ Hinders decompilers
➤ What can we do?

RELATED WORKS
➤ Mixing multiple decompilers 
(QARK et al.)
➤ Speed: even more time
➤ Fragility 
➤ Mixing alone does not answer
the question, IMHO..

GO DIRECT
➤ Trueseeing
➤ Capable of
➤ Reversing data ﬂow
➤ Loosely guessing constants/
typesets/…
➤ Manifest analysis (of
course)
➤ Uses no decompilers
➤ Speed
➤ Resiliency

MARKING UP
➤ Constants
➤ Invocations
➤ Stored as tables/views

DATAFLOW TRACING (1)
➤ Call tracing
➤ Reading backwards
➤ Climbing call stacks up

DATAFLOW TRACING (2)
➤ Static trace
➤ Matching sget/sput
➤ Solving constants in sput

DATAFLOW TRACING (3)
➤ Instansic trance
➤ Matching iget/iput
➤ Ignoring instance identity
➤ Solving constants in iput

REPORTING
➤ HTML: clarity
➤ gcc-style: CI

CAPABILITY
➤ Most of OWASP TOP 10 Mobile
(2015)
➤ M1: Improper Platform Usage
➤ M2: Insecure Data
➤ M3: Insecure Communication
➤ M4: Insecure Authentication
➤ M5: Insuﬃcient Cryptography
➤ M6: Insecure Authorization
➤ M7: Client Code Quality Issues
➤ M8: Code Tampering
➤ M9: Reverse Engineering
➤ M10: Extraneous Functionality

Similar to Trueseeing: Effective Dataflow Analysis over Dalvik Opcodes

Tech w23

SelectedPresentations

Learn how to prevent & detect even the most complex “file-less” ransomware exploits Ransomware continues to evolve as perpetrators develop new exploits with consequences that can be dramatic and immediate. The purveyors of ransomware continue to prosper with adversaries developing new strains such as Zepto and Cerber that are proving to be more challenging than ever. Other exploits can alter programmable logic controller (PLC) parameters and adversely impact mechanical systems. Clearly, new defense approaches are needed because organizations can no longer rely on backups and conventional security solutions to protect them. Join CrowdStrike Senior Security Architect Dan Brown as he offers details on these sophisticated new ransomware threats, and reveals recent innovations designed to offer better protection – including new indicator of attack (IOA) behavioral analysis methodologies that can detect and prevent even the most complex “file-less” ransomware exploits. Attend this CrowdCast where Dan will discuss: --The challenges of defending against dangerous new variants, such as Zepto and Cerber --Real-world examples of ransomware in action and the sophisticated tactics being used by a variety of adversaries --How the CrowdStrike Falcon cloud-delivered platform can defend your organization against new super strains of ransomware that use sophisticated malware-free tactics

CrowdStrike CrowdCast: Is Ransomware Morphing Beyond The Ability Of Standard ...

CrowdStrike

Asynchronicity

Takahiro Yoshimura

In this session, I talk about how empirical data (which I’m calling agile numbers) can serve as signposts on our journey to reach the goal of delivering customer value faster with maximum reliability and minimum issues. I’ll show how agile numbers can help us determine if a practice is worth the investment and whether it will improve our team’s performance. I will also share examples of agile numbers that can assist you in your agile journey. Those numbers are pulled from different sources like scientific studies, research from Google, and the 2017 State of DevOps Report. The talk explores what empirical data tells us about what works and what doesn’t in software delivery: * What is the best team structure that leads to high IT performance? * What is the best architecture that leads to high IT performance? * Do skills, experience and personalities on a team what distinguishes great teams? * What leadership attributes are tied to high IT performance? Is estimation scientifically valid? * Do code review works? How much time should we spend on them? * How long is too long for a branch? * And much more

Agile numbers

Akrem Saed

Justin Ison

CodeFest

In this webinar, we’ll explore how to navigate the tension between speed and security when it comes to open source languages. Enterprises are challenged by conflicting interests: Engineering teams want more time to focus on code quality, but product managers want to ship faster. Developers want the best tool for the job, but companies resist adding more technology stacks to their growing tech debt. Retrofitting for security and vulnerabilities after the fact becomes a big blocker for Development and Engineering teams. Enterprises are challenged with resolving new threats and vulnerabilities at the pace at which they crop up. And yet, speed wins over security because faster time-to-market takes a greater priority over fixing vulnerabilities. Our expert panel will cover how to resolve the tension between speed and security by practices which: Minimize DevOps overhead from retrofitting programming languages with new versions, dependencies, security patches, etc. Enable Continuous Builds to keep up with your continuous deployments Use Build Validation to vet your continuous builds against smoke tests

How to Manage the Risk of your Polyglot Environments

DevOps.com

Mobile developers face unique challenges when detecting and reporting crashes in apps due to their prevailing GUI event-driven nature and additional sources of inputs (e.g., sensor readings). To support developers in these tasks, we introduce a novel, automated approach called CRASHSCOPE. This tool explores a given Android app using systematic input generation, according to several strategies informed by static and dynamic analyses, with the intrinsic goal of triggering crashes. When a crash is detected, CRASHSCOPE generates an augmented crash report containing screenshots, detailed crash reproduction steps, the captured exception stack trace, and a fully replayable script that automatically reproduces the crash on a target device(s). We evaluated CRASHSCOPE’s effectiveness in discovering crashes as compared to five state-of-the-art Android input generation tools on 61 applications. The results demonstrate that CRASHSCOPE performs about as well as current tools for detecting crashes and provides more detailed fault information. Additionally, in a study analyzing eight real-world Android app crashes, we found that CRASHSCOPE’s reports are easily readable and allow for reliable reproduction of crashes by presenting more explicit information than human written reports.

Automatically Discovering, Reporting and Reproducing Android Application Crashes

Kevin Moran

These slides are from Adam Babajee-Pycroft's talk at the October 2016 Digital Gaggle Conference in Bristol. Adam is Managing Director and Head of UX at Natural Interaction in Bristol. Talk summary: Involving users in the design process is critical to digital success but how many times have you been told things like: we don’t have time, we can’t afford it, we’ll do it after the site is built. You needed to get the feature live yesterday, but there’s no reason that user research should suffer. The solution? Remote user research. In this talk Adam will share what he’s learnt having executed hundreds of hours of remote research on a variety of projects including: common mistakes and issues, how to find the right participants and the advantages of disadvantages of certain tools.

Validating Ideas Fast With Remote User Research | Digital Gaggle Conference O...

Noisy Little Monkey

Chaos Engineering Without Observability ... Is Just Chaos

Charity Majors

Exploratory testing and the mobile tester : A presentation by Jon Hagar

Gallop Solutions

Google, quality and you

nelinger

What is Web-scraping?

Yu-Chang Ho

Command and Control is one of the most important tactics in the MITRE ATT&CK matrix as it allows the attacker to interact with the target system and realize their objectives. Organizations leverage Cyber Threat Intelligence to understand their threat model and adversaries that have the intent, opportunity, and capability to attack. Red Team, Blue Team, and virtual Purple Teams work together to understand the adversary Tactics, Techniques, and Procedures to perform adversary emulations and improve detective and preventive controls. The C2 Matrix was created to aggregate all the Command and Control frameworks publicly available (open-source and commercial) in a single resource to assist teams in testing their own controls through adversary emulations (Red Team or Purple Team Exercises). Phase 1 lists all the Command and Control features such as the coding language used, channels (HTTP, TCP, DNS, SMB, etc.), agents, key exchange, and other operational security features and capabilities. This allows more efficient decision making when called upon to emulate and adversary TTPs. It is the golden age of Command and Control (C2) frameworks. Learn how these C2 frameworks work and start testing against your organization to improve detective and preventive controls. The C2 Matrix currently has 35 command and control frameworks documented in a Google Sheet, web site, and questionnaire format. https://docs.google.com/spreadsheets/d/1b4mUxa6cDQuTV2BPC6aA-GR4zGZi0ooPYtBe4IgPsSc/edit#gid=0 https://www.thec2matrix.com/matrix https://ask.thec2matrix.com/ Learn how Red Teams and Blue Teams work together in virtual Purple Teams Leverage Cyber Threat Intelligence to understand adversary tactics, techniques, and procedures Perform adversary emulations in Red or Purple Team Exercises Choose which command and control to use for the assessment to provide the most value Measure and improve people, process, and technology

Adversary Emulation and the C2 Matrix

Jorge Orchilles

SBQS 2013 Keynote: Cooperative Testing and Analysis

Tao Xie

Automated Exploratory Testing

Justin Ison

ISSTA 2017 Impact Paper Award Presentation

Alex Orso

Dynamic Population Discovery for Lateral Movement (Using Machine Learning)

Rod Soto

Slides for EDUCAUSE - Security Professionals Conference Online https://www.educause.edu/ by https://twitter.com/jorgeorchilles References: Definitions: https://medium.com/@jorgeorchilles/ethical-hacking-definitions-9b9a6dad4988 MITRE ATT&CK https://attack.mitre.org/ ATT&CK Navigator: https://mitre-attack.github.io/attack-navigator/enterprise/ C2 Matrix: https://www.thec2matrix.com/ VECTR: https://vectr.io/ 2 Day Red Team Exercises and Adversary Emulation SANS Course SEC564: https://www.sans.org/course/red-team-exercises-adversary-emulation

Adversary Emulation and Red Team Exercises - EDUCAUSE

Jorge Orchilles

A common problem in mobile systems testing is the number of hardware, operational, and software configurations that need to be tested. For example, the so-called Android fragmentation problem might lead a test team to test hundreds of device and software configurations, yielding thousands or even tens-of-thousands of tests. A branch of mathematics, called combinatorics, and associated tools exist that allow teams to minimize the number of test cases required, while assuring high error finding percentages. Jon Hagar defines the fragmentation problem and then examines test patterns supported by tools that can help improve testing success. Jon outlines how combinatorial test patterns can be applied to other testing situations. To solve real-world fragmentation problems, he identifies specific tools, which you can take back to your project for quick use. Reference work and data are provided to help your team justify adding combinatorial testing to your mobile test activities.

Use Combinatorial Testing for Mobile Device Fragmentation

Josiah Renaudin

If you thought it was difficult bringing the Ops and Dev teams to the same table, let’s talk about security! Often housed in a separate team, security experts have no incentive to ship software, with a mission solely to minimise risk. This talk is a detailed case study of bringing security into DevOps. We’ll look at the challenges and tactics, from the suboptimal starting point of a highly regulated system with a history of negative media attention. It follows an Agile-aspiring Government IT team from the time when a deployable product was "finished" to when the application was first deployed many months later. This talk is about humans and systems - in particular how groups often need to flex beyond the bounds of what either side considers reasonable, in order to get a job done. We’ll talk about structural challenges, human challenges, and ultimately how we managed to break through them. There are no villains - everybody in this story is a hero, working relentlessly through obstacles of structure, time, law, and history. Come hear what finally made the difference, filling in the missing middle of DevSecOps.

DevSecOps at Agile 2019

Elizabeth Ayer

Similar to Trueseeing: Effective Dataflow Analysis over Dalvik Opcodes (20)

Tech w23

CrowdStrike CrowdCast: Is Ransomware Morphing Beyond The Ability Of Standard ...

Asynchronicity

Agile numbers

Justin Ison

How to Manage the Risk of your Polyglot Environments

Automatically Discovering, Reporting and Reproducing Android Application Crashes

Validating Ideas Fast With Remote User Research | Digital Gaggle Conference O...

Chaos Engineering Without Observability ... Is Just Chaos

Exploratory testing and the mobile tester : A presentation by Jon Hagar

Google, quality and you

What is Web-scraping?

Adversary Emulation and the C2 Matrix

SBQS 2013 Keynote: Cooperative Testing and Analysis

Automated Exploratory Testing

ISSTA 2017 Impact Paper Award Presentation

Dynamic Population Discovery for Lateral Movement (Using Machine Learning)

Adversary Emulation and Red Team Exercises - EDUCAUSE

Use Combinatorial Testing for Mobile Device Fragmentation

DevSecOps at Agile 2019

Recently uploaded

Unlock the mysteries of successful Salesforce interviews in this insightful session hosted by Hugo Rosario (Salesforce Customer), a seasoned hiring manager that leads the Salesforce Department of multinational company with over 100 interviews under their belt. Step into the manager's chair and gain exclusive behind-the-scenes insights into what makes a Salesforce consultant stand out during the interview process. From deciphering the unspoken cues to mastering key strategies, we'll explore the intricacies of the interview process and provide practical tips for consultants looking to not only pass interviews but also thrive in their roles. Whether you're a seasoned professional or just starting your Salesforce journey, this session is your backstage pass to the secrets that hiring managers wish you knew.

Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...

CzechDreamin

Extensible Python: Robustness through Addition - PyCon 2024

Patrick Viafore

We're living the AI revolution and Salesforce is adapting and bring new value to their customers. Einstein products are evolving rapidly and navigating their limitations, language support, and use cases can be challenging. Let's make review of what Einstein product are available currently, what are the capabilities and what can be used for in CEE region and how Rossie.ai can help to learn Salesforce speak Czech. We will explore the Einstein roadmap and I will make a short live demo (based on your vote) of some Einstein feature.

AI revolution and Salesforce, Jiří Karpíšek

CzechDreamin

When you think of a highly secure meeting environment, do you instantly think 'Microsoft Teams'!? Or do you think about some unknown application, troublesome UI and daunting login process...? If you think the latter - let's change that! In this session Femke will show you how using Teams Premium features can create secure, but also good looking meetings! PRETTY. Make sure your company's brand is represented before, during and after the meeting with Customization policies in place. SECURE. Lets utilize Meeting templates and Sensitivity Labels to protect your meeting and data to prevent sensitive information from being leaked. After this session, you will have a clear understanding of the capabilities of Teams Premium features and how to set up the perfect meeting that suits your organizational requirements!

ECS 2024 Teams Premium - Pretty Secure

Femke de Vroome

Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...

FIDO Alliance

This presentation focuses on the challenges and strategies of connecting problem definitions within product development. Key Points Covered: - Kayak's mission since its inception in 2004 to simplify travel by enabling easy comparisons of flights through technological solutions. - Discussion of the complexities within the travel industry, including the high expectations for personalized user experiences and the various stakeholder influences. - Emphasis on the necessity of maintaining agility and innovation within a mature company through continuous reassessment of processes. - An explanation of the importance of disciplined problem definition to prevent project failures and team inefficiencies. - Introduction of strategies for effective communication across teams to ensure alignment and comprehension at all levels of project development. - Exploration of various problem-solving methodologies, including how to handle conflicts within team settings regarding problem definitions and project directions.

Connecting the Dots in Product Design at KAYAK

UXDXConf

In this session, we will showcase how to revolutionize automated testing for your software, automation, and QA teams with UiPath Test Suite. In part 1 of UiPath test automation using UiPath Test Suite – developer series, we will cover, Software testing overview What is software testing Why software testing is required Typical test types and levels Continuous testing and challenges Introduction to UiPath Test Suite UiPath Test Suite family of products Speaker: Atul Trikha, Chief Technologist & Solutions Architect, Peraton and UiPath MVP Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP

UiPath Test Automation using UiPath Test Suite series, part 1

DianaGray10

Already know how to write a basic SOQL query? Great! But what about an *aggregate* SOQL query? You know, the kind that uses aggregate functions like COUNT & MAX along with GROUP BY and HAVING clauses? No? Well, get ready to learn how to slice & dice your org’s data right inside your own dev console. From finding duplicate records to prototyping summary & matrix reports, learn the ins and outs of aggregate queries during this fast-paced but admin-friendly session on advanced SOQL concepts.

SOQL 201 for Admins & Developers: Slice & Dice Your Org’s Data With Aggregate...

CzechDreamin

How to differentiate Sales Cloud and CPQ on first glance might be tricky if you do not know where to look and what to look at. You will know :-) Managing the sales process within Salesforce is a common use case that can be managed with standart Sales Cloud. If you want to do entire quoting process you will find out Salesforce CPQ solution exists. What is then the difference if both can handle selling products? You will see comparison of 10 different features, which Sales Cloud and Salesforce CPQ handle differently. Simple question you will always remember if you should consider using Salesforce CPQ will be a cherry on top.

10 Differences between Sales Cloud and CPQ, Blanka Doktorová

CzechDreamin

Heather Hedden, Senior Consultant at Enterprise Knowledge, presented “Enterprise Knowledge Graphs: The Importance of Semantics” on May 9, 2024, at the annual Data Summit in Boston. In her presentation, Hedden describes the components of an enterprise knowledge graph and provides further insight into the semantic layer – or knowledge model – component, which includes an ontology and controlled vocabularies, such as taxonomies, for controlled metadata. While data experts tend to focus on the graph database components (RDF triple store or a label property graph), Hedden emphasizes they should not overlook the importance of the semantic layer.

Enterprise Knowledge Graphs - Data Summit 2024

Enterprise Knowledge

The standard Salesforce Approval process can be limiting in many ways, especially in complex scenarios. What if there was a way to implement very flexible approvals where one can use Apex code to make data updates in unrelated records, dynamically generate next steps details, and compute assignees on the fly? And still use UI-based configurations to implement concrete approval processes. In this session, we will share ideas behind such a solution and show a few lines of code to get you started.

Custom Approval Process: A New Perspective, Pavel Hrbacek & Anindya Halder

CzechDreamin

How Red Hat Uses FDO in Device Lifecycle _ Costin and Vitaliy at Red Hat.pdf

FIDO Alliance

Measures in SQL (a talk at SF Distributed Systems meetup, 2024-05-22)

Julian Hyde

New customer? New industry? New cloud? New team? A lot to handle! How to ensure the success of the project? Start it well! I've created the 3 areas of focus at the beginning of the project that helped me in multiple roles (BA, PO, and Consultant). Learn from real-world experiences and discover how these insights can empower you to deliver unparalleled value to your customers right from the project's start.

Powerful Start- the Key to Project Success, Barbara Laskowska

CzechDreamin

Welcome to UiPath Test Automation using UiPath Test Suite series part 2. In this session, we will cover API test automation along with a web automation demo. Topics covered: Test Automation introduction API Example of API automation Web automation demonstration Speaker Pathrudu Chintakayala, Associate Technical Architect @Yash and UiPath MVP Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP

UiPath Test Automation using UiPath Test Suite series, part 2

DianaGray10

The Value of Certifying Products for FDO _ Paul at FIDO Alliance.pdf

FIDO Alliance

The Metaverse: Are We There Yet?

Mark Billinghurst

Speed Wins: From Kafka to APIs in Minutes

confluent

This presentation dives into the practical applications of machine learning within Google's operations, providing a comprehensive overview of how to leverage AI technologies to solve real-world business challenges. Key Points Covered: - Introduction to Machine Learning at Google: Discussion on the role of ML and its evolution in enhancing Google's operational efficiency. - Experience Sharing: Insights into the team's long-term engagement with machine learning projects and the impacts on Google’s operational strategies. - Practical Applications: Real-world examples of ML applications within Google’s daily operations, providing a blueprint to adapt similar strategies. - Challenges and Solutions: Discussion on the challenges faced during the implementation of ML projects and the strategic solutions employed to overcome them. - Future of ML at Google: Insights into future trends in machine learning at Google and how they plan to continue integrating AI into their ecosystem.

Strategic AI Integration in Engineering Teams

UXDXConf

FDO for Camera, Sensor and Networking Device – Commercial Solutions from VinC...

FIDO Alliance

Recently uploaded (20)

Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...

Extensible Python: Robustness through Addition - PyCon 2024

AI revolution and Salesforce, Jiří Karpíšek

ECS 2024 Teams Premium - Pretty Secure

Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...

Connecting the Dots in Product Design at KAYAK

UiPath Test Automation using UiPath Test Suite series, part 1

SOQL 201 for Admins & Developers: Slice & Dice Your Org’s Data With Aggregate...

10 Differences between Sales Cloud and CPQ, Blanka Doktorová

Enterprise Knowledge Graphs - Data Summit 2024

Custom Approval Process: A New Perspective, Pavel Hrbacek & Anindya Halder

How Red Hat Uses FDO in Device Lifecycle _ Costin and Vitaliy at Red Hat.pdf

Measures in SQL (a talk at SF Distributed Systems meetup, 2024-05-22)

Powerful Start- the Key to Project Success, Barbara Laskowska

UiPath Test Automation using UiPath Test Suite series, part 2

The Value of Certifying Products for FDO _ Paul at FIDO Alliance.pdf

The Metaverse: Are We There Yet?

Speed Wins: From Kafka to APIs in Minutes

Strategic AI Integration in Engineering Teams

FDO for Camera, Sensor and Networking Device – Commercial Solutions from VinC...

Trueseeing: Effective Dataflow Analysis over Dalvik Opcodes

1. TRUESEEING: EFFECTIVE DATAFLOW ANALYSIS OVER DALVIK OPCODES Takahiro / Ken-ya Yoshimura (@alterakey / @ad3liae)

2. WHO WE ARE ➤ alterakey ➤ Security Researcher ➤ iOS/Android Apps ➤ Android System ➤ Network ➤ ad3liae ➤ Security Researcher ➤ iOS Apps ➤ At Monolith Works Inc.

3. MOBILE APP SECURITY ➤ Attack Vectors ➤ Malicious App ➤ Malicious User ➤ Risks ➤ Vulnerabilities ➤ Unwanted Behaviors

4. FINDING VULNERABILITIES ➤ Static Analysis ➤ Reversing the target and deriving its behavior ➤ Reversing data ﬂow is important ➤ Decompilers (such as JD-GUI) are essential tools ➤ Decompiling takes time  ➤ Dynamic Analysis ➤ Running the target and seeing its behavior

5. PROBLEMS ➤ Dynamic Analysis ➤ Often unwanted :( ➤ Obfuscation ➤ Common practice ➤ Hinders decompilers ➤ What can we do?

6. RELATED WORKS ➤ Mixing multiple decompilers  (QARK et al.) ➤ Speed: even more time ➤ Fragility  ➤ Mixing alone does not answer the question, IMHO..

7. GO DIRECT ➤ Trueseeing ➤ Capable of ➤ Reversing data ﬂow ➤ Loosely guessing constants/ typesets/… ➤ Manifest analysis (of course) ➤ Uses no decompilers ➤ Speed ➤ Resiliency

8. DISASSEMBLING ➤ apktool ➤ SQLite3 DB

9. MARKING UP ➤ Constants ➤ Invocations ➤ Stored as tables/views

10. DATAFLOW TRACING (1) ➤ Call tracing ➤ Reading backwards ➤ Climbing call stacks up

11. DATAFLOW TRACING (2) ➤ Static trace ➤ Matching sget/sput ➤ Solving constants in sput

12. DATAFLOW TRACING (3) ➤ Instansic trance ➤ Matching iget/iput ➤ Ignoring instance identity ➤ Solving constants in iput

13. REPORTING ➤ HTML: clarity ➤ gcc-style: CI

14. CAPABILITY ➤ Most of OWASP TOP 10 Mobile (2015) ➤ M1: Improper Platform Usage ➤ M2: Insecure Data ➤ M3: Insecure Communication ➤ M4: Insecure Authentication ➤ M5: Insuﬃcient Cryptography ➤ M6: Insecure Authorization ➤ M7: Client Code Quality Issues ➤ M8: Code Tampering ➤ M9: Reverse Engineering ➤ M10: Extraneous Functionality

15. FIN. 30.7.2017 Monolith Works Inc.

16. BRING YOUR APK!

Trueseeing: Effective Dataflow Analysis over Dalvik Opcodes

Recommended

Recommended

More Related Content

Similar to Trueseeing: Effective Dataflow Analysis over Dalvik Opcodes

Similar to Trueseeing: Effective Dataflow Analysis over Dalvik Opcodes (20)

More from Takahiro Yoshimura

More from Takahiro Yoshimura (20)

Recently uploaded

Recently uploaded (20)

Trueseeing: Effective Dataflow Analysis over Dalvik Opcodes