Confs Space
Security Mar 1, 2019

Andromeda- GUI based Dynamic Instrumentation Toolkit powered by Frida | Shivang Desai | nullcon 2019

nullcon Goa 2019
nullcon Goa 2019 Conference Collection

Talk Abstract: Andromeda is a GUI (Graphical User Interface) based on Frida and powered by Python under the hood. Andromeda guides researcher/pentester with features like classes and methods enumeration, hooking and intercepting particular means with ease of clicks during dynamic app analysis. It auto-creates snippets, on the run, which further helps in hooking an interception. One of the unique features of Andromeda is runtime memory analysis. One can analyze memory dumps from available addresses and perform functionalities like string search, pattern search, scan memory, etc. This sets Andromeda apart from other alternative tools based on Frida.

About Presenter: Shivang Desai is a security researcher at Zscaler Inc. His current role allows him to research on Android Malware and develop methodologies to mitigate further attacks on organizations. He loves to blog about Android malware encountered in the wild. Along with Researcher profile, he also wears the hat of Automation expert and IoT enthusiast.

#Frida #Python #MemoryAnalysis

Follow nullcon on Facebook: https://www.facebook.com/nullcon Twitter: https://twitter.com/nullcon Website: https://nullcon.net

#nullcon #India #Information Security #Security #Hacking