Recon 2025

Guerilla Reversing: Runtime Shenanigans
2025-06-29, Soprano B

In an ever-evolving arms race against the Google Play Store, threat actors increasingly capitalise on advanced malware capabilities to target smartphones. Yet, with modern malicious APKs deploying sophisticated obfuscation and anti-analysis tactics, static analysis alone often falls short. In this workshop, we’ll demystify how Android threats operate—from a broad threat-landscape overview down to the nitty-gritty of dynamic analysis of malicious code in action.
By reverse engineering real-world Android malware samples and monitoring their runtime behavior, participants will gain the cutting-edge skills necessary to detect, dissect, and defend against these attacks. Whether you’re a beginner or a seasoned analyst, you’ll walk away with hands-on experience in the nuances of Android malware and the practical know-how to stay one step ahead.

Prerequisites:

  • A laptop able to run a virtual machine with 4 GB RAM.
  • The virtual machine image takes ~16 GB of disk space. We'll have USB pens to distribute it during the workshop. We can also share a Google Drive link to download the image prior to the event.
  • Basic knowledge of Linux commands.

This is a continuation of the really successful 3h workshop we did last year on Android Reverse Engineering. We had a full room of people but only managed to do 50% (the static analysis bit) of our regular 6h Android RE course. This year we are aiming to do the second half, which covers dynamic analysis.

Lindsay Kaye is the Vice President of Threat Intelligence at HUMAN Security. Her technical specialty spans the fields of malware analysis and reverse engineering, with a keen interest in dissecting custom cryptographic systems. Lindsay is an internationally recognized cybersecurity speaker and author. Lindsay holds a BS in Engineering with a Concentration in Computing from Olin College of Engineering and an MBA from Babson College.

Joao Santos is a distinguished lead investigator at HUMAN Security on the Satori team. With over a decade of specialized experience in security, he has mastered roles from reverse engineering to penetration testing and sysadmin. His impressive track record extends to conducting threat research and audits for prominent enterprises and government entities in vital areas like passports and citizen IDs. Driven by his dedication to cybersecurity, Joao tirelessly shields individuals and organizations from potential cyber threats. A recognized voice in the community, he frequently shares his insights at information security conferences, championing a safer digital landscape for all.