◈ Path Bundle

Android Malware

Reverse engineering APKs and safe dynamic analysis.

Save 79 EUR

Lab tools you will use

jadx-guiDecompilerapktoolDecompilerMobSFAnalysisADBToolingFridaInstrumentationAndroguardAnalysisdex2jarDecompilerBytecode ViewerDecompilerjadx-guiDecompilerapktoolDecompilerMobSFAnalysisADBToolingFridaInstrumentationAndroguardAnalysisdex2jarDecompilerBytecode ViewerDecompiler
JEB DecompilerDecompilerdrozerPentestObjectionInstrumentationBurp SuiteProxyAPKiDDetectionAPKLeaksReconGhidraReverse eng.radare2Reverse eng.JEB DecompilerDecompilerdrozerPentestObjectionInstrumentationBurp SuiteProxyAPKiDDetectionAPKLeaksReconGhidraReverse eng.radare2Reverse eng.

Courses Included

◎ BEGINNER500 XPAudio:ES

Android Malware Beginner

Master the fundamentals of Android malware analysis: APK triage, static decompilation, dynamic instrumentation, permission-abuse detection, and mobile IOC extraction in a guided isolated emulator lab.

1 guided lab10h of content
▲ INTERMEDIATE750 XPAudio:ES

Android Malware Intermediate

Intermediate Android malware analysis: deobfuscate ProGuard/DexGuard APKs, patch smali, analyze native JNI/NDK libraries, bypass SSL pinning and anti-emulation with Frida, extract C2 protocols, and deliver mobile threat intelligence reports.

2 guided labs12h of content

Why Choose the Full Pack?

Get the Beginner + Intermediate courses bundled together and unlock exclusive extras.

Beginner + Intermediate courses (22h of content)
All 4 guided labs with isolated VMs
All per-module + certification exams
2 HTK certificates (Beginner + Intermediate)
Extra consolidation lab
Lifetime access + priority support
Access to the HTK community
199278
Save 79
Join Waitlist →

Your Learning Roadmap

Each phase maps to a course module. Scroll to assemble your full progression — from beginner fundamentals to intermediate mastery.

1

Phase 1

Beginner

Android Ecosystem Fundamentals & Mobile Threats

Start your android malware journey with Android Malware Beginner.

  • Android architecture: Dalvik/ART, permissions, app sandbox
  • Mobile threat landscape: spyware, bankers, Android RATs
  • Essential tools: ADB, emulator, jadx-gui, apktool
2

Phase 2

Beginner

Static Analysis of APKs

  • APK internal structure: AndroidManifest, smali, resources
  • Decompilation with jadx-gui: reading Java/Kotlin code
  • Detecting suspicious permissions and malicious code smells
3

Phase 3

Beginner

Dynamic Analysis & Instrumentation

  • Installation and execution in isolated emulator with ADB
  • Automated analysis with MobSF: traffic, APIs, behavior
  • Introduction to Frida: hooking critical functions in real time
4

Phase 4

Beginner

Final Report + Certification Exam

  • Documenting mobile IOCs: hashes, C2 domains, abused permissions
  • Writing the complete APK analysis report
5

Phase 5

Intermediate

Advanced Android Threat Analysis

Advance into complex scenarios with Android Malware Intermediate.

  • Multi-stage malware: droppers, loaders, and payload delivery
  • Obfuscation techniques: ProGuard, DexGuard, string encryption
  • Advanced ADB and emulator configuration for evasive samples
6

Phase 6

Intermediate

Deep Static Analysis & Deobfuscation

  • Manual smali patching and repackaging techniques
  • Decrypting hardcoded strings and configuration blobs
  • Analyzing native libraries (JNI/NDK) with Ghidra
7

Phase 7

Intermediate

Advanced Dynamic Instrumentation with Frida

  • Frida scripting: intercepting SSL pinning and crypto functions
  • Runtime C2 protocol analysis and domain generation algorithm (DGA) extraction
  • Anti-emulation bypass techniques
8

Phase 8

Intermediate

Executive Report + Intermediate Certification

  • Mobile threat intelligence report: campaign attribution and IOCs
  • Detection engineering for mobile threat indicators