https://florence-njeri.github.io/njeri/tags/reverse-engineering/Recent content in Reverse Engineering on Florence NjeriHugo -- gohugo.ioenWed, 04 Feb 2026 09:00:00 +0000https://florence-njeri.github.io/njeri/posts/factsdroid/Wed, 04 Feb 2026 09:00:00 +0000https://florence-njeri.github.io/njeri/posts/factsdroid/GOAL: Intercept network traffic in FactsDroid and view/modify the API requests and responses between FactsDroid and the backend server without statically patching the provided APK. The objective is to successfully implement a Man-in-The-Middle (MITM) attack that allows you to manipulate the facts being displayed to the user, potentially inserting custom content or modifying the retrieved facts before they reach the application. Upon installing the app using adb install factsdroid.apk, I immediately see this error message when launching the app: In order to bypass the root check, I injected the Frida anti-root script into my APK: frida -U --codeshare dzonerzy/fridantiroot -f com.https://florence-njeri.github.io/njeri/posts/reverse_engineering/Sun, 01 Dec 2024 09:36:41 +0000https://florence-njeri.github.io/njeri/posts/reverse_engineering/Reverse Engineering # Decompiling a program from assemnly back to high level language to try and understand what the program does. Example uses cases: Vulnerability Analysis Malware Research Binary Analysis Tools Summary (Ghidra Book, Ch. 2) # 1. file # What: Identifies the file format (ELF, PE, Mach-O), architecture (x86, ARM), and bit-width (32/64-bit). When: Step 1 (Triage). Use it the moment you receive a mystery file. Why vs Others: Use this instead of nm or objdump initially because it tells you if the file is even an executable or if it is “stripped” (missing names). Example Command: file <filename> 2.