主要是梳理一下Android业务安全涉及到的知识点,不定期更新,欢迎补充。
第一行代码——Android(第3版)Android应用安全防护和逆向分析Android软件安全权威指南深入理解Android:Java虚拟机ART
http://91fans.com.cn/https://blog.vivcms.com/https://www.qinless.com/http://www.520monkey.com/https://www.cnblogs.com/2014asm/还有一些付费的培训课程知识星球等等,可以自己酌情付费学习。
1.KernelSU和Magiskhttps://github.com/tiann/KernelSUhttps://github.com/topjohnwu/Magisk2.相关模块安装证书:https://github.com/ys1231/MoveCertificate改system分区:https://github.com/HuskyDG/magic_overlayfs
https://github.com/Impact-I/reFlutterhttps://github.com/worawit/blutter
jadx,GDA,JEB,androguard
ghidra,IDA Pro,binary ninja
https://github.com/libffi/libffi
https://github.com/DenuvoSoftwareSolutions/GAMBA
https://github.com/CodingGay/BlackObfuscator
我之前总结过对抗ollvm的常见方法:https://bbs.kanxue.com/thread-272414.htm
https://github.com/abcz316/rwProcMem33(教程:https://bbs.kanxue.com/thread-278647.htm)
1.hluwa和r0ysue大佬发布的frida教程:https://github.com/hookmaster/frida-all-in-one2.kevinspider的教程:https://kevinspider.github.io/frida/frida-hook-java/https://kevinspider.github.io/frida/frida-hook-so/
1.跟随frida上游自动修补程序,并为Android构建反检测版本的frida-server:https://github.com/hzzheyang/strongR-frida-android2.基于frida实现的逆向工具包:https://github.com/sensepost/objection3.跟踪app的JNI调用:https://github.com/chame1eon/jnitrace4.快速分析Java类/对象结构的objection插件:https://github.com/hluwa/Wallbreaker(原理介绍:https://bbs.kanxue.com/thread-260110.htm)5.精简版objection+Wallbreaker:https://github.com/r0ysue/r0tracer6.frida+QBDI trace:https://github.com/lasting-yang/frida-qbdi-tracer
[注意]传递专业知识、拓宽行业人脉——看雪讲师团队等你加入!
