mobile-security
Mobile Security Skill
Quick Workflow
Progress:
- [ ] Extract APK/IPA
- [ ] Decompile (jadx for Android)
- [ ] Search for hardcoded secrets
- [ ] Check native libraries
- [ ] Dynamic analysis with Frida if needed
- [ ] Extract flag
Quick Analysis Pipeline
# Android APK
file app.apk
apktool d app.apk -o extracted/
jadx app.apk -d output/
grep -r "flag\|secret" output/
# iOS IPA
unzip app.ipa -d extracted/
strings Payload/App.app/App | grep -i flag
Reference Files
| Topic | Reference |
|---|---|
| Android APK Analysis | reference/android.md |
| iOS IPA Analysis | reference/ios.md |
| Frida & objection | reference/frida.md |
Tools Summary
| Tool | Purpose | Install |
|---|---|---|
| jadx | Java decompiler | github.com/skylot/jadx |
| apktool | APK decode/rebuild | apktool.org |
| Frida | Dynamic instrumentation | pip install frida-tools |
| objection | Runtime exploration | pip install objection |
| Ghidra | Native lib reversing | ghidra-sre.org |
| dex2jar | DEX to JAR | github.com/pxb1988/dex2jar |
CTF Quick Patterns
# Flag in resources
grep -r "flag\|ctf\|secret" extracted/res/
# Flag in native library
strings extracted/lib/*/*.so | grep -i flag
# Hardcoded secrets
grep -r "api_key\|secret\|password" output/
More from kiwamizamurai/cctf
web-security
Exploits web application vulnerabilities. Use when working with SQL injection, XSS, SSRF, SSTI, command injection, path traversal, authentication bypass, deserialization, or any web-based CTF challenge.
30osint
Gathers intelligence from public sources. Use when searching for usernames, geolocating images, investigating social media, analyzing domains, or solving information gathering challenges.
19pyjail
Escapes Python sandbox restrictions. Use when working with restricted Python eval/exec environments, sandbox escapes, filtered input challenges, or Python jail challenges.
9networking
Analyzes network traffic and exploits protocols. Use when working with PCAP files, Wireshark captures, packet analysis, protocol exploitation, traffic forensics, or data exfiltration detection.
7crypto-analysis
Breaks cryptographic systems and decrypts ciphertext. Use when working with RSA, AES, XOR, classical ciphers, hash functions, or when challenge involves encryption, decryption, keys, or mathematical crypto attacks.
7binary-analysis
Analyzes binary files for vulnerabilities and develops exploits. Use when working with ELF/PE executables, pwn challenges, buffer overflow, heap exploitation, ROP chains, format string bugs, or shellcode development.
7