AndroidBreach

AndroidBreach is a blue team lab that falls under the Endpoint Forensics category and will cover the following subjects: CyberChef, DB Browser for SQLite, JADX, ALEAPP, Initial Access, Persistence, Privilege Escalation, Defense Evasion, Discovery, Collection, Exfiltration, Impact.

Learning Objectives

Analyze an Android device dump with ALEAPP and reverse engineer a malicious APK with JADX-GUI to identify the malware's functionality and its data exfiltration, and to extract the compromised credentials.

Categories: Endpoint Forensics.

MITRE ATT&CK Tactics: Initial Access, Persistence, Privilege Escalation, Defense Evasion, Discovery, Collection, Exfiltration, Impact.

Tools: ALEAPP, JADX, DB Browser for SQLite, CyberChef.

Difficulty: medium.