Today most of serious mobile applications relay on industrial-grade software protection tools to detect and slow down reverse engineering. It forces attackers to waste a precious time bypassing obfuscation and RASP before deep diving into app specific logic. So, If each tool tries to detect non-app specific threats such as hooking, rooted device, emulator, debugger, rogue certificate, and so, we postulate we can design an universel tool to bypass all of them. In our talk, we start by reversing protections from most popular and certified Android app protection tools, and we follow by designing instrumentation to defeat all of them.
About Georges-Bastien Michel
- Georges-B Michel is the founder and principal security researcher at Reversense. He worked on many security topics including obfuscation, Android security, TEE/TA reversing, web application sec, and secure coding. he presented his work and tools at several european security conferences including SSTIC, Insomni'hack, PTS, THC, and more. Since 2018, he develops Dexcalibur (CE & Pro), a mobile reverse engineering automation software.