applied security conferences and training: CanSecWest | PacSec | EUSecWest |

Security Masters Dojo

Advanced and intermediate security training and technology enhancement for information security professionals.

CanSecWest: Security Masters Dojo Vancouver

Reversing for the JVM and Android

Register for the March 18-19,2019 (2-day course)

Instructor(s):
Marc Schoenefeld

Description

This training gives a headstart into theory and practice of reversing Java applications. We present the technical foundations for both the Java and Android runtime environments that are important for understanding unknown binaries. This includes learning about bytecode dialects and the degrees of freedom to protect content of deployed applications.

Hands-on challenges will introduce students to both sides of the game - especially tools for obfuscation, de-obfuscation, binary analysis, and de-compilation.

PREREQUISITE WARNING Each class has prerequisites for software loads and a laptop is mandatory. These individual class guides will list material the students are expected have knowledge about coming in and software tools that need to be pre-installed before attending so you get the maximum benefit from the focused intermediate or advanced level course. Please pay particular attention to the prerequisites, as the material listed there will not be reviewed in the courses, and will be necessary to get the maximum benefit out of these educational programs.

Topics:

Part 1: Background about the common technical foundations (approx 30% of course) Part 2: Android reversing

Part 1 will fill around 40% of the Dojo, and even students working only with Andriod benefit to acquire a sufficient background about the common technical foundations, and following Part 2 then focusses entirely on Android reversing.

Pre-requisies:

Being fluent in Java and Python will help students to complete the hands-on exercises in the expected timeframe.

What you will need to bring:

This Dojo uses freely available software (e.g. Radare2) for binary analysis, but guidance is given on how to transfer these techniques to be re-used with commercial tools, such as IDA.

Students will receive examples for the assessments, and tools are prepared in a Docker container to avoid lengthy setup. Brave students can also work in their host OS, but the mileage may vary. A majority of examples on Day 2 require a device, which needs to be accessible via ADB and similar tools, for the purpose a working Genymotion installation can be helpful.

Being fluent in Java and Python helps to complete the hands-on parts in the expected time-frame. Several examples will require you to analyse recent app versions directly from the Play Store. For that purpoose students should have their (alternative) Play Store credentials available.