Learn why stalkerware is an emerging threat to the enterprise and how it can lead to a breach. Poor AV detection, combined with the stigma attached to stalkerware, makes it an effective tool for data exfiltration, credential theft, breachstortion, and more. Reverse engineer Android APKs and use OSINT to hunt stalkerware.
In this repo you will find a downloadable CSV file of stalkerware-related domains, hashes, and IPs that you can search for in your org and block or recategorize. The list is not exhaustive, but it contains some of the IOCs you can use to determine whether there is stalkerware traffic on your corporate network, guest Wi-Fi, customer Wi-Fi, etc.
💋REVERSE ENGINEERING ANDROID APKs
- Kristina Balaam @chmodxx_ Reversing Malware / Reverse Engineering Android APKs - Link
- Kristina Balaam @chmodxx_ TOOLS / Reverse Engineering Android APKs - Link
- APKTOOL - Link
- DEX2JAR - Link
- JD-GUI - Link
💅CHECK THIS OUT
- @nscrutables More Stalkerware IOCs & Research - Link
- @tenacioustek More Stalkerware IOCs & Research - Link
- @K3vinLuSec Deep Technical Analysis of the Spyware FlexiSpy for Android - Link