Dexcalibur - automate your android app reverse

Loading
Loading Click here to add:
Add to notification list

Have you ever been worried about wasting time to make single-use hook in order to deobfuscate an Android app ? Instrumentation techniques often require prior static analysis or a known generic method, and a lot of code to read. Would you like to generate dozens of hooks, to gather the data and to sort it with a single click ? Dexcalibur is a new tool with a GUI and an API, built on top of several tools (Frida, Baksmali, LIEF, Capstone, Smali VM, …). It provides a way to explore a generated view of the application built from static analysis (of the flat files and intercepted files at runtime) and data gathered from several instrumentation sessions. The idea : reduce your reverse time, enhance your security analysis.

In this talk I will explain how Dexcalibur mixes static analysis, file analysis, and DBI in order to build a more complete view of the application.

Speaker

Georges-B. Michel

Bio

Georges is a software security engineer working at Thales. His passion is to develop new Android reverse engineering toolbox and to search for vulnerabilities. He loves (de)obfuscation, Android, TEE and browser exploitation.