How to Prevent Reverse Engineering of Your App?

Best solution - If a lot of people are trying to implement or use your apps api maybe you should just make a public api that requires payment over a certain amount of requests per day. That way you can take advantage of it.

Archivus

Can you put more lights on how to decide which classes/code to put in exceptions from obfuscating?

hanki

This is literally the first time I'm hearing this, and it immediately make A LOT of sense to me. Definitely saving to my software dev playlist. Thanks 🤝🏼

world_changers

Fun fact there are apps which can unobsufcate the app and make it easier to understand.

shaunspears

Good effort to advertise on shorts platform which is quite popular among youths. Not only it gives good information but also directs youth towards utilizing their crucial time in right direction.thanks Thanks

ANILKUKRETI

from an android reverse engineer: obfuscate your java code, store as much code in native libs as possible (and strip all symbols), use encrypted strings, and use some kind of DRM to detect certain processes and behaviours. It will still get reverse engineered as all software will, but this will make it 1000% harder and more tedious.

refraction

good tip; would also add overlapping integrity checking code, and finite state cryptography to encrypt the code at rest and decrypt at runtime

waynepambrun

While i was learning about reverse engineering i got my hands on a model named (Reverse AI) it's a local LLM (you can choose base model) and it re-names the obfuscated class and func names😅...

vedantmahajan

Everything is open source if you can read assembly and binary

djsnackcakes

Huge thanks to you for using this type of content for tips such this one

РинатФ-яо

Its not possible to stop reverse engineer of java, kotlin or web (html, css, javascript) code because they are jit compiled from source code to virtual machine code on the users hardware at app launch.

Only server side rpc code is 100% safe from reverse engineer.

C and c++ is also hard to reverse engineer because its compiled ahead of time so the source code doesn't need to be on the users device, but its not impossible.

firstnamelastname-oyes

There is a method that works and you don't have to obfuscate the code, I saw it in an application, you modify any piece of code, you compile and when you install the application you open it you get a sign that says, application modified and it closes 😂😂, it is great but I don't know what the method is called

anti-communist-cuban

You're wrong. You can totaly secure it with encryption.

Willie-vrgk

how to get written readable txt from anroid app?

krishnabhattarai

Better: just program in assembly or write directly the opcode in a bin file

mynameusedtobelong

What is purpose of developing an app...anyone can use my apk and use it

saravanakumar-wgbq

Haha love me some trapdoor functions 🌚 obfuscating is win

Oi-mjdv

So can I reverse engineering Instagram?

bigotesrandom

when doing obfuscation, all of your variables change name, as a result, if you have a data class that is being mapped from an API, it won't know how to map if you're relying on the variable name.
always add your annotation with the desired name.

arielapp

Obfuscation is not the issue

Storing keys in the APK is the issue

Anything critical must be stored on a server and use authentication to gain access

ChrisAthanas