MASTG-TEST-0050: Testing Runtime Integrity Checks
Effectiveness Assessment¶
Make sure that all file-based detection of reverse engineering tools is disabled. Then, inject code by using Xposed, Frida, and Substrate, and attempt to install native hooks and Java method hooks. The app should detect the "hostile" code in its memory and respond accordingly.
Work on bypassing the checks with the following techniques:
- Patch the integrity checks. Disable the unwanted behavior by overwriting the respective bytecode or native code with NOP instructions.
- Use Frida or Xposed to hook the APIs used for detection and return fake values.