Tracking App Behaviors With - Nothing Changed - Phone For Evasive Android Malware
Offered By: Black Hat via YouTube
Course Description
Overview
Explore a powerful new method for tracking and analyzing evasive Android malware behaviors without modifying the operating system. Learn techniques to overcome challenges in fast code analysis, environment detection, obfuscation, dynamic code loading, and anti-analysis measures. Discover how to monitor user-defined classes/methods, third-party libraries, Java/Android APIs, and native-level functions including JNI, libc, and Binder on unmodified devices. Gain insights into analyzing complex and advanced Android malware through demonstrations and practical examples.
Syllabus
What I will talk about..
Obfuscation
Fast code analysis: example
Dynamic code loading
Monitoring extension
Mixed-environment code with JNI
Tracking Native Behavior:JNI
Tracking Native Behavior: LIBC
Tracking Native Behavior:BINDER
Taught by
Black Hat
Related Courses
Attack on Titan M, Reloaded - Vulnerability Research on a Modern Security ChipBlack Hat via YouTube Attacks From a New Front Door in 4G & 5G Mobile Networks
Black Hat via YouTube AAD Joined Machines - The New Lateral Movement
Black Hat via YouTube Better Privacy Through Offense - How to Build a Privacy Red Team
Black Hat via YouTube Whip the Whisperer - Simulating Side Channel Leakage
Black Hat via YouTube