DABS

Download Android Binary with Search Term

DABS
Hey Android Enthusiasts, Security Researchers, EL33T H@CK3Rs, and people who followed this link! Ever need to download a binary file from your Android device/emulator, but don’t know the package name or the path? Well, you could use the following, which I have been doing for years… adb shell pm list packages | grep <search term for app> adb shell pm path <package from above> adb pull <path> Easy, right? But these days with App Bundles, binaries don’t come nicely packaged up like they use to in a single . [Read More]

ProGuard & R8: Part 2

Java to DEX Compilation & Reading Smali

ProGuard & R8: Part 2
This blog post is the second in a series to teach about the build tools ProGuard and R8, and the first in the hands-on portion of the series. In the first post I talked about the Android Build Pipeline. In this blog, I would like to actually reinforce those concepts with hands on exercises. If you haven’t read the first blog on this topic, this is part two in that series, so I highly suggest going back and understanding that material first. [Read More]

ProGuard & R8: Part 1

Understanding the Android Build Pipeline

ProGuard & R8: Part 1
Tools such as R8 and ProGuard are available for free, but to many they are a black box that code goes into and stuff comes out. My goal is to demystify the black box and teach developers how to properly diagnose the code going into and coming out of these build tools. It will also explain why you should care and why applying these tools should be a priority before shipping any code into the wild. [Read More]