Rascals are always sociable, and the chief sign that a man has any nobility in his character is the little pleasure he takes in others company. Arthur Schopenhauer

The aim of this blog post was to present a method for reverse engineering Android application protected by DexGuard using opensource tools, in the context of a real-world example. Using JEB can however speed up the process of deobfuscation, but as far as we know, the most “technical” parts must still be made separately to obtain the decrypted DEX files.

While the device in itself seemed innocuous, it ended up being a great way to gain access to a sensitive network. Stacking layers upon layers of obfuscation doesn’t help against a motivated attacker. Step-by-step guide to reverse an APK protected with DexGuard using Jadx