OpenCourser brand icon
Sign in
We may earn an affiliate commission when you visit our partners.

Mobile Security

Reverse Engineer Android Apps From Scratch

Flip Cortex

This is an introductory course suitable for cyber security newcomers as well as cyber security professionals who would like to dive into the world of mobile security.

In recent years, Android has established itself as a leader in the mobile OS market. For this reason, it is a common target of abuse among cyber-criminals.

Read more

This is an introductory course suitable for cyber security newcomers as well as cyber security professionals who would like to dive into the world of mobile security.

In recent years, Android has established itself as a leader in the mobile OS market. For this reason, it is a common target of abuse among cyber-criminals.

This course will provide students with the ability to set up an analysis environment, allowing them to analyse suspicious Android apps and determine whether or not they are malicious. The syllabus assumes that the student has little or no knowledge of Android security. It therefore provides the fundamentals not only on Android security, but on Android applications in general.

The course will take students through the process of developing a basic Android application, which will provide insight into the inner workings of an Android APK. Upon completion, students will have their own analysis environment along with the knowledge required to analyse suspicious APKs.

Course outline:

-Course Requirements

-Intro to Android

-Course/Lab Setup

-Developing a Basic Android App

-Analyzing Android Apps

-Case Study: Analyzing an actual ransomware and developing a decryption tool

Enroll now

What's inside

Learning objectives

  • Android malware reverse engineering
  • How to create a ransomware decryption tool
  • Mobile security
  • Static analysis
  • Dynamic analysis
  • Android app development fundamentals

Syllabus

Course prerequisites
Course overview
Theoretical background on Android, and Android S ecurity
Section 2
Read more
Intro to Android
Installation of tools required for course
Section 3
Android Studio
SDK Manager
Emulator
ADB
Apktool
JD-GUI/Enjarify
Bytecodeviewer
Androguard
Objection
Tamer
Recap
Simplocker: Running on Emulator
Overview of steps involved in develop a simple (malicious) android app
Section 4
Android App Structure and components
Simple UI i
Simple UI ii
Simple UI iii
App Components: Activity i
App Components: Activity ii
App Components: Content Provider
App Components: Broadcast Receiver i
App Components: Broadcast Receiver ii
App Components: Service i
App Components: Service ii
Reverse engineering and analyzing the simple malicious app
Section 5
Static vs Dynamic vs Automated Analysis
Static Analysis: APKtool
Static Analysis: Bytecodeviewer
Static Analysis: Androguard
Dynamic Analysis: Objection
Automated Analysis: Malware Sandbox i
Automated Analysis: Malware Sandbox ii
Applying what we've learnt to a real world ransomware scenario
Section 6
Simplocker: Automated Analysis
Simplocker: Static Analysis
Simplocker: Decryption Tool
Simplocker Quiz
Thank you

Good to know

Know what's good
, what to watch for
, and possible dealbreakers
Provides fundamentals on Android security and applications, which builds a strong foundation for beginners in mobile security
Teaches static, dynamic, and automated analysis, which are core skills for reverse engineering Android applications
Includes a case study analyzing actual ransomware and developing a decryption tool, which is highly relevant to incident response
Requires installation of tools such as Android Studio, SDK Manager, and emulators, which may require specific system configurations
Covers tools like Apktool, JD-GUI/Enjarify, and Bytecodeviewer, which may have newer versions available than those used in the course

Save this course

Save Mobile Security: Reverse Engineer Android Apps From Scratch to your list so you can find it easily later:
Save

Activities

Be better prepared before your course. Deepen your understanding during and after it. Supplement your coursework and achieve mastery of the topics covered in Mobile Security: Reverse Engineer Android Apps From Scratch with these activities:
Review Java Fundamentals
Strengthen your understanding of Java, which is essential for understanding Android app development and reverse engineering.
Show steps
  • Review basic syntax and data structures.
  • Practice writing simple Java programs.
  • Familiarize yourself with object-oriented concepts.
Read 'Android Security Internals'
Gain a deeper understanding of Android's security architecture to enhance your reverse engineering skills.
View Putting Knowledge to Work on Amazon
Show steps
  • Read the book cover to cover.
  • Take notes on key concepts and security mechanisms.
  • Relate the concepts to the course material.
Practice Static Analysis with Apktool
Reinforce your static analysis skills by repeatedly disassembling and analyzing different Android APKs using Apktool.
Show steps
  • Download several APKs from trusted sources.
  • Use Apktool to disassemble each APK.
  • Examine the disassembled code and resources.
  • Identify potential vulnerabilities or malicious code patterns.
Four other activities
Expand to see all activities and additional details
Show all seven activities
Read 'Practical Malware Analysis'
Expand your malware analysis skills with a comprehensive guide applicable to various platforms, including Android.
View Practical Malware Analysis: The Hands-On Guide... on Amazon
Show steps
  • Read the book and take notes.
  • Try to apply the techniques to Android malware samples.
  • Compare and contrast Windows and Android malware analysis.
Write a Blog Post on Android Ransomware
Solidify your understanding of Android ransomware by researching and writing a blog post explaining its mechanisms and prevention techniques.
Show steps
  • Research different types of Android ransomware.
  • Analyze the Simplocker case study from the course.
  • Write a blog post explaining the ransomware's functionality.
  • Describe prevention and decryption techniques.
  • Publish the blog post on a platform like Medium.
Develop a Simple Keylogger App
Apply your knowledge of Android app development to create a simple keylogger app to understand how malicious apps can capture user input.
Show steps
  • Set up an Android development environment.
  • Implement a keylogger service in your app.
  • Store the captured keystrokes in a file.
  • Test the app on a virtual or physical device.
  • Analyze the security implications of such an app.
Contribute to an Open-Source Android Security Project
Deepen your understanding of Android security by contributing to an open-source project focused on security tools or vulnerability research.
Show steps
  • Find an open-source Android security project on GitHub.
  • Understand the project's goals and codebase.
  • Identify a bug or feature to work on.
  • Submit a pull request with your changes.
  • Participate in code reviews and discussions.

Career center

Learners who complete Mobile Security: Reverse Engineer Android Apps From Scratch will develop knowledge and skills that may be useful to these careers:
Malware Analyst
A Malware Analyst examines malicious software to determine how it works and to develop methods to detect and remove it. This role often involves reverse engineering and threat analysis skills. This course provides a strong foundation for Malware Analysis, by focusing on analyzing Android apps from scratch. The course will take you through techniques like reverse engineering, static and dynamic analysis, all of which are fundamental to the role of a Malware Analyst. Furthermore, the creation of decryption tools, as practiced in this course, is a specific task that a malware analyst might encounter. Those who wish to become a Malware Analyst will find this course particularly useful.
See salaries and explore the career path for Malware Analyst
Mobile Security Analyst
A Mobile Security Analyst is responsible for identifying and mitigating security risks in mobile applications and devices. This role involves analyzing mobile apps for vulnerabilities, developing security protocols, and responding to security incidents. This course will help you build a foundation in reverse engineering Android applications, which is integral to finding security flaws, particularly malware. The experience of setting up your own analysis environment, as taught in this course, will be invaluable to a Mobile Security Analyst. Analyzing suspicious APKs and creating decryption techniques, as you do in this course, are key skills for this role. One who aspires to be a mobile security analyst should take this course to learn a core skillset.
See salaries and explore the career path for Mobile Security Analyst
Application Security Engineer
An Application Security Engineer focuses on making applications secure throughout the entire software development lifecycle. This includes identifying vulnerabilities and ensuring security measures are implemented correctly. This course will help an Application Security Engineer understand how malicious actors may try to exploit applications, specifically on the Android platform. You will learn to evaluate app structure, components, and identify potential weaknesses. The experience of analyzing real world ransomware, as taught in this course, is particularly useful. Learning to set up your own analysis environment will be invaluable for an Application Security Engineer. Aspiring application security engineers will find that this course may provide key skills for the job.
See salaries and explore the career path for Application Security Engineer
Cybersecurity Analyst
A Cybersecurity Analyst works to protect computer systems and networks from threats. They typically analyze security risks, implement security measures, and respond to security incidents. This course is an excellent introduction to the world of mobile security, particularly for those who are new to the field. This course will assist any aspiring Cybersecurity Analyst to understand the nuances of Android security and how malicious applications function. By learning to analyze suspicious apps, a cybersecurity analyst is better equipped to protect systems and networks and to perform threat assessments. Taking this course will build a critical understanding of mobile security threats, helping one become a well rounded cybersecurity professional.
See salaries and explore the career path for Cybersecurity Analyst
Security Engineer
A Security Engineer is responsible for implementing, maintaining, and monitoring security systems. This role involves designing and implementing security measures, as well as responding to security incidents. This course will give any Security Engineer a strong grounding in the security of Android applications. You will gain knowledge of Android application development, which gives you a unique point of view on security. You will learn how to analyze suspicious applications, and you will gain practical experience developing a decryption tool. Security Engineers may find this course useful if they want to specialize in mobile application security, or develop general skills in mobile security.
See salaries and explore the career path for Security Engineer
Penetration Tester
A Penetration Tester, sometimes called an ethical hacker, attempts to breach security systems to identify vulnerabilities before malicious actors can. Penetration testing is a key component of maintaining robust security. It involves simulating real world attacks to assess vulnerabilities. This course provides a strong base in analyzing how Android applications work, which will be helpful in performing thorough security assessments. Learning to reverse engineer Android apps, as you do in this course, will help any penetration tester find weaknesses. This course will show how to establish an analysis environment, a key skill for anyone conducting penetration testing. Anyone who wants to become a penetration tester may find this course particularly useful.
See salaries and explore the career path for Penetration Tester
Reverse Engineer
A Reverse Engineer examines systems to understand how they operate, often to identify vulnerabilities or intellectual property. These professionals often work in the field of security, but not exclusively. This course provides a crucial introduction to reverse engineering techniques by focusing on Android applications. Learning to develop a basic Android application, combined with an understanding of how to setup an analysis environment, will be essential for any Reverse Engineer. Additionally, the experience of analyzing suspicious applications and developing decryption tools, as done in this course, provides valuable practical experience. If you aspire to become a reverse engineer, this course may help you.
See salaries and explore the career path for Reverse Engineer
Vulnerability Analyst
A Vulnerability Analyst identifies weaknesses in computer systems and networks. This role involves scanning systems for known vulnerabilities, analyzing the risks, and recommending solutions. Much of this work involves the analysis of software. This course will help any Vulnerability Analyst better understand how Android applications work, using reverse engineering techniques. You will learn how to analyze app structure and components, allowing you to identify vulnerabilities that a typical scan may miss. By creating your own analysis environment, you will better understand the tools used by those who seek to exploit vulnerabilities. Aspiring vulnerability analysts who may not have experience analyzing mobile applications may find this course useful.
See salaries and explore the career path for Vulnerability Analyst
Incident Responder
An Incident Responder is a critical part of any organization's security team. This role involves responding to cybersecurity breaches, containing the damage, and recovering systems. This course will help an Incident Responder because they will learn how malicious actors might take advantage of vulnerabilities in mobile applications. The ability to analyze suspicious Android applications, as taught in this course, will help with understanding how damage is inflicted, and how to contain it. Developing this understanding, and specifically learning how to create a decryption tool, can provide critical skills during an incident. If you want to become an incident responder, this course will give you some core capabilities.
See salaries and explore the career path for Incident Responder
Software Developer
Software Developers design, build, and maintain software applications. A software developer typically works with a team to create programs that meet user requirements. This course on Android security may help any software developer who wants to gain a deeper understanding of potential vulnerabilities. This course covers the fundamentals of Android application development, which is helpful in building secure applications. Learning to analyze app structures and components, as you will in this course, provides a different perspective on design and implementation. This course may be useful to those aspiring to become a software developer, especially if you will be focusing on Android.
See salaries and explore the career path for Software Developer
Threat Intelligence Analyst
A Threat Intelligence Analyst gathers data on cyber threats and analyzes it to help organizations understand their security risks. This role involves keeping up to date on new attack techniques and identifying patterns in cyberattacks. This course will help any Threat Intelligence Analyst better understand mobile threats, especially on the Android operating system. By learning to analyze suspicious Android applications, and understanding how malicious actors might seek to cause harm, you will be better equipped for the role of a Threat Intelligence Analyst. Also, this course covers malware analysis, a key topic of focus for this role. Those who aspire to become a threat intelligence analyst may find this course helpful.
See salaries and explore the career path for Threat Intelligence Analyst
Security Researcher
A Security Researcher investigates new security threats and vulnerabilities. This role often involves a rigorous analysis of systems and software, and a deep understanding of technology. This course provides a practical introduction to mobile security, especially Android, through hands-on analysis. You will learn to develop an Android application, which will allow you to understand how an app works. You will also become familiar with analysis environments, and how to use sophisticated tools. Analyzing ransomware and developing tools, as done in this course, will give insight into real world threats. This course may be useful for anyone seeking to become a security researcher
See salaries and explore the career path for Security Researcher
Security Consultant
A Security Consultant provides expert advice on security issues, helping organizations improve their security posture. This role involves assessing risks, recommending security solutions, and implementing best practices. This course may be useful for any prospective Security Consultant by providing hands-on experience in the field of mobile security. Learning to analyze Android applications and understand their vulnerabilities will help any Security Consultant provide effective recommendations. This course also allows you to develop an analysis environment, an essential skill for this role. Any consultant seeking to specialize in mobile or application security may find this course helpful.
See salaries and explore the career path for Security Consultant
Digital Forensics Specialist
A Digital Forensics Specialist analyzes digital evidence to investigate crimes or incidents. This role involves examining data from computers, mobile devices, or other digital storage to uncover details, such as who might have committed an offense and how. This course may be useful for any prospective Digital Forensics Specialist because it provides hands-on experience with Android applications. You will learn about malware analysis, how to reverse engineer an app, and how to set up an analysis environment. All of these skills can be useful when investigating incidents involving mobile devices. If you want to enter the field of digital forensics, this course may give you relevant skills.
See salaries and explore the career path for Digital Forensics Specialist
Mobile Developer
A Mobile Developer is a software developer that works specifically on mobile applications. These developers create software that is designed to run on mobile devices, and they may work on Android or Apple operating systems, or both. This course provides a foundational understanding of how an Android application is built and how it works. Learning from the perspective of someone who is reverse engineering an application will give a unique point of view for the mobile developer. In this course, you will learn the fundamentals of Android app development, in addition to learning how to analyze an existing application. If you want to become a mobile developer, this course may be useful.
See salaries and explore the career path for Mobile Developer

Reading list

We've selected two books that we think will supplement your learning. Use these to develop background knowledge, enrich your coursework, and gain a deeper understanding of the topics covered in Mobile Security: Reverse Engineer Android Apps From Scratch.
Cover image
Putting Knowledge to Work
Save
Provides a deep dive into the Android security architecture. It covers topics such as the Android security model, permissions, and the Binder IPC mechanism. Reading this book will provide a solid foundation for understanding the security aspects of Android apps and how to reverse engineer them effectively. It valuable reference for anyone serious about Android security.
Putting Knowledge to Work
Paperback
Check
Putting Knowledge to Work
Kindle Edition
Check
Cover image
Practical Malware Analysis
Save
Comprehensive guide to malware analysis techniques. While it primarily focuses on Windows malware, the fundamental concepts and methodologies are applicable to Android malware analysis as well. It covers static and dynamic analysis techniques, debugging, and reverse engineering. This book will provide you with a broader perspective on malware analysis and enhance your skills in dissecting malicious Android apps.
Practical Malware Analysis: The Hands-On Guide to...
Paperback
$$
Practical Malware Analysis: The Hands-On Guide to...
Kindle Edition
$$

Share

Help others find this course page by sharing it with your friends and followers:
Facebook
LinkedIn
Reddit
X
Link
Email

Similar courses

Similar courses are unavailable at this time. Please try again later.
Effort
3 total hours
Via
Udemy
Instructor
Flip Cortex
Language
English
Good to know
Provides fundamentals on Android security and applications, which builds a strong foundation for beginners in mobile security
Teaches static, dynamic, and automated analysis, which are core skills for reverse engineering Android applications
Includes a case study analyzing actual ransomware and developing a decryption tool, which is highly relevant to incident response
Requires installation of tools such as Android Studio, SDK Manager, and emulators, which may require specific system configurations
Covers tools like Apktool, JD-GUI/Enjarify, and Bytecodeviewer, which may have newer versions available than those used in the course
Share and help others discover this course.
Facebook LinkedIn X Reddit Link Email
Don't miss out
Enroll today to gain access to this course
Enroll in this course
Our mission

OpenCourser helps millions of learners each year. People visit us to learn workspace skills, ace their exams, and nurture their curiosity.

Our extensive catalog contains over 50,000 courses and twice as many books. Browse by search, by topic, or even by career interests. We'll match you to the right resources quickly.

Find this site helpful? Tell a friend about us.

Affiliate disclosure

We're supported by our community of learners. When you purchase or subscribe to courses and programs or purchase books, we may earn a commission from our partners.

Your purchases help us maintain our catalog and keep our servers humming without ads.

Thank you for supporting OpenCourser.

© 2016 - 2025 OpenCourser