Creating malicious functional app on Android

Presented at DEF CON 33 (2025), Aug. 10, 2025, 9 a.m. (240 minutes).

This workshop provides an in-depth, hands-on experience in the creation and analysis of malicious applications, focusing on the techniques used by attackers to compromise mobile devices. Participants will learn how to manipulate Android applications using tools such as Android Studio, APKTool, Burp Suite, and Metasploit to inject payloads, bypass security mechanisms, and establish remote access. Through step-by-step demonstrations, they will explore methods for obfuscation, privilege escalation, and persistence, gaining a clear understanding of how adversaries exploit vulnerabilities in mobile environments. Beyond offensive techniques, the workshop emphasizes defensive strategies, equipping attendees with skills to detect, analyze, and mitigate mobile threats. Using malware analysis and reverse engineering, students will learn how security professionals track, neutralize, and prevent attacks. Real-time lab exercises will reinforce these concepts, ensuring that participants leave with practical expertise applicable to ethical hacking, penetration testing, and security research. This session is ideal for cybersecurity professionals, developers, and researchers looking to deepen their knowledge of mobile security and ethical hacking methodologies.

Presenters:

  • HackeMate - Offensive Cybersecurity Engineer
    HackeMate is the YouTube channel where Gianpaul Custodio, an Offensive Cybersecurity Engineer, shares his expertise in ethical hacking, as well as offensive and defensive security. With over 28,000 subscribers engaged in the world of cybersecurity, he has established himself as a key figure in the community through challenges, technical analyses, and hands-on demonstrations. Professionally, he holds Red Team certifications such as the eLearnSecurity Junior Penetration Tester (eJPT) and Web Penetration Tester (eWPT), along with Blue Team certifications like Microsoft Azure Fundamentals (AZ-900) and Microsoft Security, Compliance, and Identity Fundamentals (SC-900). He is also a Google Product Expert for Google Drive, contributing his knowledge in cloud security and optimization.
