Android Malware/Reversing Resources


Emulators

Emulators allow you to run Android apps. Some might not have ARM support.

  • Android Emulator (Android 11 - tested with ARM apps, and Google Play works properly)
  • Bluestacks (untested)
  • Windows Subsystem for Android (ARM seems to work, but Frida is hard to set up)
  • Genymotion (good, but Google Play won't work perfectly)

APK downloaders

These sites allow you to get safe, virus-free APKs.

Proxies

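Proxies allow you to intercept and modify HTTP/HTTPS traffic. The proxy's certificate should be installed on the device as a CA certificate.
10.0.2.2 is a special IP address in the Android emulator that maps to 127.0.0.1 on the host machine, so a proxy listening on the host's loopback interface is reachable from the emulator at that address.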

  • Burp suite

SSL Pinning Bypass

  1. Magisk - MagiskTrustUserCerts module (works on all apps - tested)
  2. Xposed - SSL pinning bypass app
  3. Objection - SSL pinning bypass with Frida server running as root
  4. Patch the APK