IntermediateAndroid Malware12h of content · 2 guided labsAudio:ES750 XP

Android Malware Intermediate

Advanced Android reverse engineering: obfuscated APKs, runtime hooking, and C2 protocol analysis with Frida and MobSF.

200+ students·4.9/5 rating·High completion rate

14-day money-back guarantee · No subscription · Lifetime access

Preview the student experience

No login · Free interactive demo

Try demo →
HTKWhat's included
  • Access to all course videos and materials
  • Unlimited guided lab access with auto-validated flags
  • HTK Certificate upon completion
  • Lifetime course access with future updates
  • Flexible, self-paced learning schedule
  • 30-day satisfaction guarantee
159

One-time payment, no subscription

Join Waitlist →

2

⬡ 2 guided lab

Isolated VM environment

12h

Of content

Videos + practice + exams

4

Modules

Progressive difficulty

2–4h

Per lab session

Unlimited restarts

Lab tools you will use

jadx-guiDecompilerapktoolDecompilerMobSFAnalysisADBToolingFridaInstrumentationAndroguardAnalysisdex2jarDecompilerBytecode ViewerDecompilerjadx-guiDecompilerapktoolDecompilerMobSFAnalysisADBToolingFridaInstrumentationAndroguardAnalysisdex2jarDecompilerBytecode ViewerDecompiler
JEB DecompilerDecompilerdrozerPentestObjectionInstrumentationBurp SuiteProxyAPKiDDetectionAPKLeaksReconGhidraReverse eng.radare2Reverse eng.JEB DecompilerDecompilerdrozerPentestObjectionInstrumentationBurp SuiteProxyAPKiDDetectionAPKLeaksReconGhidraReverse eng.radare2Reverse eng.

Before you start — quick answers

Course Syllabus

4 course syllabus · 12h of content

What you will learn

  • Analyze multi-stage Android malware: droppers, loaders, and payload delivery chains
  • Deobfuscate ProGuard/DexGuard-protected APKs and decrypt hardcoded strings and config blobs
  • Patch and repackage smali, and analyze native JNI/NDK libraries with Ghidra
  • Use Frida to bypass SSL pinning, hook crypto functions, and extract C2 protocols and DGA logic
  • Deliver a mobile threat intelligence report with campaign attribution, IOCs, and detection engineering

Hands-on Lab

Analyze obfuscated, multi-stage Android malware that uses dynamic class loading, encrypted C2 communication, and anti-emulation checks. Use Frida for advanced hooking, MobSF for behavioral analysis, and manual smali patching for deobfuscation.

2⬡ 2 guided lab
2–4hSession window
UnlimitedRestarts
AutoFlag validation
Experience a lab preview →

Requirements

  • ·Modern web browser
  • ·Stable internet connection
  • ·No local installation required
  • ·Basic technical English recommended

Frequently Asked Questions

Complete answers about this course, labs, certificates, and refunds

Start from the beginning?

Android Malware Beginner

Not ready for intermediate yet? Android Malware Beginner covers the foundational skills and guided labs you need before tackling the advanced material.

10h of content1 guided lab119
View Beginner Course →
Ready to level up?

Build real Android Malware skills

Get hands-on with real Android Malware scenarios, professional-grade tools, and validated flag objectives. No prior experience needed.

From159or 199 € for the complete path
One-time payment, no recurring chargesLifetime access, course updates included14-day money-back guarantee