MASVS v1 MSTG-RESILIENCE-6
MASVS v2 MASVS-RESILIENCE-2
Testing Runtime Integrity Checks
Make sure that all file-based detection of reverse engineering tools is disabled. Then, inject code by using Xposed, Frida, and Substrate, and attempt to install native hooks and Java method hooks. The app should detect the "hostile" code in its memory and respond accordingly.
Work on bypassing the checks with the following techniques:
- Patch the integrity checks. Disable the unwanted behavior by overwriting the respective bytecode or native code with NOP instructions.
- Use Frida or Xposed to hook the APIs used for detection and return fake values.
Refer to the "Tampering and Reverse Engineering on Android" chapter for examples of patching, code injection, and kernel modules.