Time
3 hours 58 minutes
Difficulty
Beginner
CEU/CPE
4

Video Transcription

00:00
All right, so let me give you a recommendation on some tools. So here are the tools for iOS, and we'll start with some static tools. So I recommend Hopper over IDA Pro and Ghidra. Obviously, IDA Pro is really expensive. Ghidra is free, but it's still new. So I recommend Hopper, and get some iOS scripts for Hopper. So that's the one I'd go with.
00:20
class-dump. See, we talked about that.
00:22
We know what that is. There's only one tool for that job. So there is a tool for otool. It's kind of a port of it; it's called jtool. It makes otool look nicer. So when you're interpreting the output of otool,
00:35
jtool does this a lot better, so you can get some good results with it, and you can just download it. It's easy. And then we talked about Binary Ninja and Radare; those are kind of the same disassemblers that Hopper and IDA Pro and Ghidra are, so you can fool around with those. Talked about Xcode.
00:51
MachOView. That's a pretty cool tool that you can use to look at Mach-O binaries in a GUI format. So that's nice.
00:58
Strings. MobSF. Remember MobSF? I showed you that in the Android section. It also does iOS analysis. I didn't tell you that during the iOS static analysis, because how much fun would that be? How much fun could that be? Not that much. dumpdecrypted. That is for dumping decrypted, I'm sorry, that is for dumping encrypted apps out of your iPhone
01:17
when you're doing your analysis. So I would recommend you
01:21
fooling around with that. Um, let's see. GDB. We talked about LLDB. We talked about Xcode. We talked about those; those were pretty good. I like LLDB as a debugger. You can get a lot of scripts that kind of customize how LLDB works, so that's pretty good. It also gives you some colors, too, which is nice. GDB doesn't do that.
01:38
Reveal, in iOS. Reveal we didn't talk about too much. It can help you during your static analysis,
01:45
but you have to pay for it. So it's not very helpful. Um, we talked about Cycript. Then also you can try Needle. Just make sure when you're installing that into your environment that you use virtual Python environments, because there's a lot of dependencies. Passionfruit is kind of a similar framework. So you could go check that out.
02:00
And then the miscellaneous tools I have: iproxy, SSH. We used a lot of these; you need them in the course,
02:07
so Cycript. Frida we didn't look at, and Objection we didn't look at, but those are frameworks similar to Cycript. So again, you need to make sure that you're managing your Python environments with those different frameworks. Cydia we talked about, AppSync we talked about,
02:24
ideviceinstaller, ios-deploy, iFunBox are all very similar
02:29
to Cydia Impactor. So they're gonna help you sideload applications. Sileo is the newest jailbreak-type package manager. It's built off of Cydia. I think it's invented by the same guy, Saurik, who does it. Um,
02:46
so that's supposed to work on iOS 12 and 13. I think, or 13.
02:52
So you can go check that out, and then Cyberduck. That's just like an SSH client. So you can just, it's a GUI SSH client, and we talked about tcpdump and Wireshark and Charles Proxy. So let's move on to Android.
03:05
So I've got some static tools here. I definitely would go check out Androguard. It's written in Python. It's well maintained, it's well documented, and it's got lots of cool features that we didn't cover in the course to do some static analysis, so I would check that out when you have time.
03:19
ADB we looked at, of course. apktool, dex2jar, we looked at all those. Android ClassyShark, that's gonna help you get classes, class names. A deobfuscator, that's gonna help you get classes as well when it's obfuscated.
03:32
So those are two tools you definitely want to check out. Talked about JADX, which is the Java decompiler. JD-GUI. oat2dex is taking Android runtime files and turning them into DEX files so you can work with them. Sign, you definitely want to check out, because that's gonna allow you to install applications that don't have
03:51
valid certificates, so you can sign it with the test certificate so that you can install it onto your device.
03:55
Android Studio's a good one, if you have a lot of memory. Radare is definitely one that you want to check out too, and Jasmin; those are two disassemblers. So check those out.
04:05
Drozer. We looked at GDB. We looked at Android Studio. We looked at that already. Volatility, Volatility's got some memory dumping features for Android. So definitely check that out.
04:16
fsmon. We played with that in class.
04:19
Objection and Frida, we talked about those in iOS. Definitely go check out AndBug if you can. And JDB, which are Java debuggers. And so our miscellaneous: we talked about pretty much all of these already. You can use Cydia Impactor on Android. Burp Suite we talked about in class. mitmproxy is like Burp Suite; it allows you to intercept traffic.
04:40
Cyberduck, tcpdump, Wireshark and Charles Proxy. All right.

Instructed By

Brian Rogalski
CEO of Hexcapes
Instructor