A QUICK DIVE INTO ANDROID MALWARE                                                       




2 days


Online / Offline


Intermediate / Advanced

Manuel Blanco


Manuel Blanco is a Security Researcher, interested in everything related to low level architecture and operating systems internals (Linux Kernel and Android). He has explored different fields, from penetration testing of critical infrastructures, to reverse engineering of complex software applications.

In 2017, Manuel was a member of the Spanish national team that won the European Cyber Security Challenge, a CTF competition organized by the European Union Agency for Network and Information Security.

Furthermore, he has experience as a speaker in multiple international security congresses, conducting training for both beginner and advanced users.

About the training: 

We live in a world where anyone can be picked as a target by different actors, and if you want to fight against advanced persistent threats, you must first understand their capabilities.

Do you want to dissect their cyberwarfare tools? In this training we analyze the root cause of a vulnerability used by the Pegasus APT in the wild, and its exploitation, which bypasses all the modern mitigations shipped on a real device. We also explore the Android architecture, covering the key pieces needed for reverse engineering malware and the state of the art.

This training gives students a quick look into the hidden side of today's threat landscape: mobile malware. We will guide you through the main aspects of Android security and give you a broad view of modern malware that can be found in the wild. The training includes hands-on practical tasks that enable students to analyze any kind of malicious application in the future. During the training, you will gain access to a stash of samples related to the most famous mobile APTs.

Topics covered:

  • Overview of Android architecture and internal structure of applications.

  • Basic analysis using Android decompilers (JEB, Jadx, dex2jar).

  • Smali/Baksmali. Searching for malicious code injections.

  • Tips & tricks to quickly check whether an app is actually malicious.

  • The decryption of payloads, configs and other malware artifacts.

  • Hunting for new samples. Android and iOS specificity.

  • Lots (!) of real-life examples.

  • Special focus on mobile APTs like FinFisher, HackingTeam RCS, Pegasus, OceanLotus, etc.

Key takeaways:

  • Understand Android architecture and internal structure of applications

  • Basic analysis using Android decompilers

  • Searching for malicious code injections

  • The decryption of payloads, configs and other malware artifacts

  • Hunting for new samples on Android and iOS

What you get after the training:

  • itrainsec shareable certificate, signed by the trainer (add it to your LinkedIn profile) 

  • Course materials 

  • Practical skills to elevate your career to the next level

  • After-training consultancy and support 

  • Expansion of your professional network in the cybersecurity industry 

  • Stronger cybersecurity posture of your business

Prerequisites: Basic understanding of programming and reverse engineering.