During the OWASP AppSec Israel 2020 event, RandoriSec delivered 2 workshops:
This repository contains the materials used during the workshops.
If you want to try those workshops, you need to use a Virtual Machine (or a physical one!) containing the following tools:
- Android Studio
- apktool
- JADX
- Ghidra
- Objection
- Frida
We gave a custom VM to the attendees but another alternative is to use Mobexler. We recommend to apply the following steps in order to use it:
-
Install VMWare Player 15 (DO NOT USE VirtualBox!!) https://www.vmware.com/products/workstation-player/workstation-player-evaluation.html or Fusion 12 Trial if you have a Mac https://www.vmware.com/products/fusion/fusion-evaluation.html
-
Download Mobexler virtual machine (default password: 12345) https://mobexler.com/download.htm
-
Import the OVA file using VMWare Player 15. If an error message appears sayng the OVA file didn't pass the OVF specifications, please click retry. It should work :)
-
Inside the Virtual Machine, you need to enable kvm permission to create an emulator https://stackoverflow.com/questions/37300811/android-studio-dev-kvm-device-permission-denied
- sudo apt install qemu-kvm
- sudo adduser mobexler kvm
- reboot