📄️ Decode & Decompile APK Files
For much of the static and dynamic analysis of a mobile app, reviewing the source and/or SMALI files can be very beneficial.
📄️ Binary Protections
Java and Kotlin are strictly typed programming languages and are, in most cases, immune to stack overflow vulnerabilities. The exception is when the application includes library files written in C/C++, which reintroduces the possibility of overflows. These files should be checked for proper stack canaries.
📄️ Hard-Coded Data / APK File
An Android app can be configured in many different places. Typically, configuration data is kept in SQLite databases, JSON, or XML files. The main configuration file is AndroidManifest.xml, which defines all permissions, intents, services, etc.
📄️ Hard-Coded Data / On-Device
An Android app can be configured in many different places. Typically, configuration data is kept in SQLite databases, JSON, or XML files. The main configuration file is AndroidManifest.xml, which defines all permissions, intents, services, etc.
📄️ Third-Party Libraries & Frameworks
Java and Kotlin are the primary programming languages for Android. However, libraries that are included with the applications could be written in C/C++. These libraries should be evaluated for public CVEs, as well as examined for sensitive information leakage.
📄️ Endpoint Discovery and URLs
As part of the information gathering phase, search the decoded/decompiled output for all endpoint URLs & APIs.
📄️ Mobile Security Framework for Android
Links: