Question 1

How to reverse engineer an Android APK?

Accepted Answer

Start with tools like Apktool for decompilation and Jadx for Java source code recovery, both listed in the Reverse Engineering section. You'll need to install and configure these tools separately on your system, following their own documentation.

Question 2

What's the best Android malware analysis tool?

Accepted Answer

The repository lists several options like MobSF for automated analysis and Quark-Engine for scoring; choose based on whether you need static or dynamic analysis, and check the tool descriptions for specific features and limitations.

Question 3

Android security awesome vs OWASP Mobile Security Testing Guide?

Accepted Answer

android-security-awesome is a directory of tools and resources for finding what to use, while OWASP MSTG is a detailed manual for how to test; use the former for tool discovery and the latter for methodology and best practices.

Question 4

Where to find vulnerable Android apps for hacking practice?

Accepted Answer

Look in the Vulnerable Applications section for apps like DIVA and InjuredAndroid, which are intentionally insecure for training and CTF challenges, providing hands-on experience with real-world vulnerabilities.

Question 5

How to check an APK for security vulnerabilities?

Accepted Answer

Use static analysis tools like QARK or dynamic analysis tools like Drozer from the repository; set up a testing environment and follow the tools' documentation for scanning, as the repo doesn't include setup instructions.

Question 6

What are some good Android security books?

Accepted Answer

The Academic section includes books like the SEI CERT Android Secure Coding Standard; explore the links for free and paid resources on secure development, though you'll need to acquire them separately.

android-security-awesome

What is android-security-awesome?

Overview

Use Cases

Best For

Related Projects

Found a gem we're missing?

Not Ideal For

Pros & Cons

Pros

Cons

Frequently Asked Questions