DAMN - A Debugging and Manipulation Tool for Android Applications


Mobile developers tend to use source code obfuscation to protect their code against reverse engineering. Unfortunately, some developers rely on the idea that obfuscated applications also provide additional security. But that is not the case since mistakes in design are still present and can be used for arbitrary attacks. However, manually analyzing such obfuscated applications is time consuming for researchers due to the complexity of the generated code. Our debugging and manipulation tool (DAMN) offers a new way of investigating Android applications, including obfuscated ones. It combines static source code reversing with dynamic manipulation techniques to get rid of obfuscation penalties and supports the investigator during the analyzing process. DAMN can display the reversed source code, pause any application at any given time and allows to manipulate its state. All those features make DAMN a powerful reversing and analyzing tool for manual investigations of obfuscated Android applications.

Proceedings of the 14th International Conference on Advances in Mobile Computing and Multimedia (MoMM 2016)