We broke commercial root detection in Android apps 🔓📲. We targeted sensitive apps - finance, security, government - which use commercial protections. We got them running on rooted devices. That gave us full control to modify app behavior however we wanted. 👇.

Finally, we built a persistent module, and got the apps cleanly running on the rooted device across reboots, updates, reinstalls - no adb needed. Read the full writeup here -

What do you want to know?.

We reverse-engineered the apps, bypassing anti research protections. We pinpointed critical 'decision points' in which the app determines whether its safe to run or not. By hooking these points, we got the apps running happily on rooted devices.

Security critical apps often rely on Runtime Application Self Protection (RASP) to block execution on rooted devices and prevent tampering. Otherwise, attackers can:.- Fake location and/or movement.- Bypass usage restrictions.- Run apps on malware-infected devices.

RT @it4sec: DJI drone security analysis: reverse engineering communication, firmware extraction, and fuzzing for vulnerabilities. 𖥂🎮 ၊၊||၊….

At @LucidBitLabs, we broke commercial root detection in apps with top-tier app protections in place (RASP). Full write up -

RT @it4sec: Hacker tries to restore lost internet connection: reverse engineers the modem and hacks into ISP network. ☎️ 🌐🔬🔨. More details….

RT @dfsec_com: Our new blog post is live:

RT @offensive_con: #OffensiveCon25 videos are now up!.

RT @Morpheus______: "DisARMing" code - an exploration into systems programming, #debugging & #reverseEngineering on #Linux/#Android/#Darwin….

RT @Nethanella: New attack MO for #Android #Malware #Banker abusing #WebView to attack any #Bank with no special permission need 🤯.Amazing….

RT @NovoShield_Pro: NAVY FEDERAL CREDIT UNION SITE PHISHED.#novoShield's @LiorKeshet detected & reported - today - a phishing site hosted o….

RT @orsafr: The code for the tool we presented at @deepsec. Now it’s open source!!!.

RT @orsafr: Finally, The blog is out, proving that when it comes to cloud security, MFA is not a silver bullet. Technical Deep Dive: Vulner….

RT @iCyberFighter: Sending a shoutout to the awesome reverse engineer who dissected #goznym when it emerged. His name is .@LiorKesh and I m….

RT @iCyberFighter: #GozNym Closure Comes in the Shape of a Europol and DOJ Arrest Operation: | #cybercrime.

RT @BlueHatIL: The wait is over! Registration & schedule for #BlueHatIL 2019 are now live. Places are limited, register today! https://t.co….

RT @POC_Crew: We have uploaded slides from POC2018:) Thank you everyone for your support and interests! . Be noticed that some slides are n….

RT @4x6hw: Our #defcon26 talk, "Turning Deception Outside-In: Tricking Attackers with OSINT", was just uploaded to youtube. check it out. @….

RT @GoogleVRP: We opensourced most of the Google CTF 2018 Finals challenges: