Skip to content

PwnDroid is a hands-on Android security workshop focused on source code review and dynamic analysis. Using tools like Frida, Magisk, and JADX, you'll learn to reverse engineer apps, hook functions, and bypass checks. Ideal for beginners exploring Android reverse engineering and app security.

Notifications You must be signed in to change notification settings

QiaoNPC/CSLU_PwnDroid_Workshop

Folders and files

NameName
Last commit message
Last commit date

Latest commit

Β 

History

6 Commits
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 

Repository files navigation

PwnDroid: Introduction to Source Code Review & Dynamic Analysis

A practical workshop on analyzing Android applications through source code review and dynamic analysis using powerful tools and hooking techniques.

In this workshop, you'll learn:

  • βœ… How to use jadx-gui for static analysis
  • βœ… How to hook Android functions and change their behavior
  • βœ… How to work with non-MainActivity components
  • βœ… How to bypass checks and extract flags dynamically

πŸš€ Workshop Setup

Make sure you have the following installed and ready:

  • Android Studio βœ…
  • Android SDK (API 26) βœ…
  • ADB βœ…
  • Rooted Android Device βœ…
  • Magisk + Frida βœ…
  • jadx-gui βœ…
  • Python requirements βœ…

You can follow CSLU installation Guide.pdf to install the tools required for the workshop.

Install Python requirements:

pip install -r requirements.txt

πŸ§ͺ Tools Used

  • Android Studio – for APK decompilation and debugging
  • ADB – to communicate with the Android device
  • Frida – for hooking functions at runtime
  • Magisk – to root the device and run Frida server
  • jadx-gui – for static analysis of APKs

🧩 Labs

Lab Topic Link
0 Introduction to Hooking & Changing Return Values labs/lab0
1 Hooking Functions for Flag labs/lab1
2 Hooking Non-MainActivity Methods Flag labs/lab2
3 Introduction to Hooking Non-MainActivity Variables labs/lab3
4 Hooking Non-MainActivity Variables for Flag labs/lab4
5 Instantiating Unused Class for Flag labs/lab5
6 Instantiating Unused Class with Parameter for Flag labs/lab6

πŸ™ Acknowledgements

This workshop includes a pre-rooted AVD setup based on the amazing work by:

Huge thanks to both projects for making Android security research more accessible.


Happy reversing! πŸ”πŸ“±

About

PwnDroid is a hands-on Android security workshop focused on source code review and dynamic analysis. Using tools like Frida, Magisk, and JADX, you'll learn to reverse engineer apps, hook functions, and bypass checks. Ideal for beginners exploring Android reverse engineering and app security.

Topics

Resources

Stars

Watchers

Forks

Packages

No packages published