Mirrors/hacktricks
2
0
Fork 0
mirror of https://github.com/carlospolop/hacktricks synced 2024-11-22 04:33:28 +00:00
Code Issues Projects Releases Packages Wiki Activity

GitBook: [#3175] No subject

Browse source
This commit is contained in:
CPol 2022-05-03 09:20:29 +00:00 committed by gitbook-bot
parent ff681fc8fc
commit 5f7ed00f7b
No known key found for this signature in database
GPG key ID: 07D2180C7B12D0FF
1 changed files with 12 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
mobile-pentesting/android-app-pentesting/README.md
View file

@ -674,6 +674,18 @@ ProGuard is distributed as part of the Android SDK and runs when building the ap
From: [https://en.wikipedia.org/wiki/ProGuard\_(software)](https://en.wikipedia.org/wiki/ProGuard\_\(software\))
### [DexGuard](https://www.guardsquare.com/dexguard)
Find a step-by-step guide to deobfuscate the apk in [https://blog.lexfo.fr/dexguard.html](https://blog.lexfo.fr/dexguard.html)
(From that guide) Last time we checked, the Dexguard mode of operation was:
* load a resource as an InputStream;
* feed the result to a class inheriting from FilterInputStream to decrypt it;
* do some useless obfuscation to waste a few minutes of time from a reverser;
* feed the decrypted result to a ZipInputStream to get a DEX file;
* finally load the resulting DEX as a Resource using the `loadDex` method.
### [DeGuard](http://apk-deguard.com)
**DeGuard reverses the process of obfuscation performed by Android obfuscation tools. This enables numerous security analyses, including code inspection and predicting libraries.**