Hi,

This post is regarding Android Reverse engineering.

Reverse engineering :

Reverse engineering is taking apart an object to see how it works in order to duplicate or enhance the object. The practice, taken from older industries, is now frequently used in computer hardware and software. Software reverse engineering involves reversing a program’s machine code (the string of 0s and 1s that are sent to the logic processor) back into the source code that it was written in, using program language statements.

Reverse engineering is nothing but a process to extract knowledge or useful information from any product, whether it’s applied while rebuilding a bike or a car or any human-made product.

Android Reverse engineering :

Android Reverse engineering is a format used to package and distribute the android application. An APK file contains all of that program’s code (such as .dex files), resources, assets, certificates, and manifest file.

Tools For Reverse engineering apk :

Below are some of the tools are helps to perform reverse engineering.

• Apktool
  
• Dex2jar
  
• Java decompiler
  
• Apk Analyser
  

Apktool :

First, let’s know what is apk files. Apk’s are nothing more than a zip file containing resources and assembled java code. If you were to simply unzip an apk like so, you would be left with files such as classes.dex and resources.arsc. Every Apktool release contains internally the most up to date AOSP framework at the time of the release. This allows you to decode and build most apks without a problem.

Installation for Apktool and How to Use :

1. Create a separate directory for this.
   
2. Download https://raw.githubusercontent.com/iBotPeaches/Apktool/master/scripts/windows/apktool.bat this link on the same directory and save link as apktool.bat
   
3. Download https://bitbucket.org/iBotPeaches/apktool/downloads/ this file on the same directory and change name as apktool.jar
   
4. Download any apk file in the same directory.
   
5. Open a command prompt on location is which present this all.
   
6. Apktool d apk_filename.apk run this command
   
7. Now you can see one directory same name as apk_filename that is our original code.
   

How to defend against a Reverse Engineering :

• Proguard makes your APK file as small as possible, it removes unused code and resources in your release build.
  

• It optimises the bytecode, removes unused code instructions, and obfuscates the remaining classes, fields, and methods with short names. The obfuscated code makes your APK difficult to reverse engineer, which is especially valuable when your app uses security-sensitive features.
  

• Use DexGuard, which can make reverse engineering even harder, like by encrypting strings, or detecting code tampering.