Reverse and Inject

Merab Tato Kutalia

Android Software Engineer / Chapter Lead

TBC Bank

Android reverse engineering & malware injection. As Android engineers, we often like tinkering with the platform and for us, it is much easier to recognise some patterns while analyzing malicious code which gives us a huge advantage. This talk aims to explore the basics of reverse engineering, trending tools. How to decompile, disassemble the application, how to find malicious code snippets and what are the possible pitfalls. Difference between static and dynamic analysis. A little bit about Smali and DEX compilers. We will have 2 live demos. First: show how to reverse engineer an application and second: at the end of the session, we will decompile APK, plant malicious code, repackage again and install on the device to test it for educational purposes. Also will provide some introductory info on what is the Catch The Flag challenges and how we can practise.

Software Engineer with 8 years of experience, specializing in Android development. He is a fan of all things software development, particularly architecture with a penchant for exploring the potentials of the platform. Out of work, Merab maintains an active podcast about work ethics and career growth, writes tech-blogs and is a GDG co-organizer and speaker at development meetups(Devfests, OWASP) and beyond. Cares about community and newcomers. Alongside his technological pursuits, he is an amateur cyclist and runner, biohacker and spends lots of time on personal development.

droidcon APAC is produced by:

Mobile Seasons GmbH (droidcon Global HQ)

Messedamm 22

14055, Berlin


.droidcon is a registered Trademark of Mobile Seasons GmbH

  • dc-social
  • Twitter - White Circle
  • Facebook - White Circle