Applied AI/LLM for Mobile App Reversing and Analysis // Guerric Eloi, Atlan Pinabel

Virtual | Oct 26-31 | 32 Hours

BOOK NOW

ABSTRACT

This hands-on training explores how AI and Large Language Models (LLMs) can augment the reverse engineering and security analysis of Android and iOS applications. Participants will learn to leverage both local and online LLMs to assist with decompiling, annotating, and analyzing APKs/IPAs and native libraries. The training introduces MCPs to enhance static analysis tools like Jadx and Ghidra, and walks through real-world usage of LLMs for code refactoring, Frida script generation, fuzzing harness creation, and automated reporting. The course blends static and dynamic analysis with AI-assisted tooling, culminating in a hands-on project where participants reverse a complex APK using AI throughout the process.

KEY LEARNING OBJECTIVES

  • Automate and accelerate Android and iOS reverse engineering and analysis using AI/LLMs.
  • Integrate AI into tools like Jadx and Ghidra.
  • Use AI to generate Frida scripts, fuzzing harnesses, and annotated decompiled code.
  • Identify vulnerabilities and analyze APKs/IPAs more efficiently.

WHO SHOULD ATTEND

  • Mobile Reverse Engineers
  • Mobile Vulnerability Researchers
  • Pentesters focussed on mobile apps
BOOK NOW

COURSE DETAILS

Part 1 – AI-Augmented Static Analysis

Module 1 | Introduction & Setup

  • Training overview
  • Installing required tools: IPSW, Jadx, Ghidra, Frida, Python, LLM clients
  • Introduction to MCPs

Module 2 | AI Overview for Reverse Engineers

  • What LLMs can do for reverse engineering
  • Prompt engineering basics
  • Online vs local LLM models
  • Tools: GPT-5, Claude, DeepSeek, Gemini, ...

Module 3 | Jadx MCP + AI-enhanced Analysis

  • Static reverse engineering
  • Using AI to annotate decompiled code
  • Recovering class names, enums, constants

Module 3 | Ghidra MCP + AI Integration

  • Reverse engineering native .so and .dylib files
  • Using AI inside Ghidra to annotate disassembly
  • Generating and executing Ghidra scripts with LLM support

Module 4 | AI-Powered Decompilation Refactoring

  • Refactor and clean decompiled native code
  • Use AI for control flow simplification, better naming

Module 5 | Practice Challenge

  • Reverse a full APK and IPA playground app
  • Summarize functionality, permissions, and logic
  • Deliver a short AI-assisted report

Part 2 – Dynamic Analysis + AI-Powered Automation

Module 6 | Frida Script Generation with AI

  • Basics of Frida and native code hooking
  • Prompting LLMs to generate Frida scripts
  • Auto-generate method hooks, native interceptors

Module 7 | AI-Driven Fuzzing Harness Generation

  • Explain a target function to LLM
  • Generate fuzz harnesses for native code
  • Integrate with AFL++, libFuzzer, jackalope, ...

Module 8 | Using Nuclei AI for Mobile Security

  • Create AI-generated templates and skills
  • Build agentic workflows leveraging skills
  • Agents orchestration protocols and best practices

Module 9 | Automated Reporting with LLMs

  • Auto-generate vulnerability reports
  • Summarize technical data for exec/management

Module 10 | Final Hands-on Project

  • Reverse a more complex app (obfuscation + native)
  • Use AI for annotation, Frida script, fuzzing, and report
  • Deliver final findings
  • Q&A, feedback, and resources
BOOK NOW

Knowledge Prerequisites

  • Basic understanding of Android application structure and components (APK, manifest, smali/Java)
  • Basic knowledge of reverse engineering concepts (Jadx, Ghidra, Frida is a plus)
  • Familiarity with Python scripting
  • Some experience with using LLMs (e.g., ChatGPT, Claude) is helpful but not required
  • Optional: previous experience with fuzzing or mobile vulnerability analysis

System Requrirements

  • Operating System: Linux or macOS
  • Internet Access: Required for using online LLMs
  • Local AI: a local LLM client or interface

Students will be provided with detailed setup instructions sufficiently prior to the class.

YOUR INSTRUCTORS: Guerric Eloi and Nabih Benazzouz

Guerric ELOI is a cybersecurity researcher at FuzzingLabs focused on Android and iOS security. He identifies high-impact vulnerabilities through penetration testing, reverse engineering, and bug bounty programs, working with vendors to prevent major threats. He also delivers practical training on mobile security and builds custom tools to automate vulnerability discovery and strengthen system defenses.

Nabih is the COO of FuzzingLabs. Over the last 3.5 years he has moved from intern to security engineer, team lead, and now operations lead. His work focuses on fuzzing and vulnerability research, writing and maintaining tools in C, Python, Rust, and Go. He earned his cybersecurity-engineering degree from EPITA

About FuzzingLabs

Founded in 2021 and headquartered in Paris, FuzzingLabs is a cybersecurity startup specializing in vulnerability research, fuzzing, and blockchain security. We combine cutting-edge research with hands-on expertise to secure some of the most critical components in the blockchain ecosystem

Ringzer0’s Virtual Training Experience & FAQ
What can I expect from a virtual training delivered by Ringzer0, and answers to frequently asked questions.
Ringzer0Ringzer0
BOOK NOW
Cancellation Policy

Cancellations are not permitted but attendee changes can be accommodated anytime prior to the start of the course.

Note: In the event of a class cancellation, Ringzer0 will endeavor to offer transfer to another training at no additional charge.
Virtual Training Oct 26-31 // In-Person Training Nov 2-4 / Conference Nov 5,6

OTHER VIRTUAL TRAINING COURSES

Great! Next, complete checkout for full access to Ringzer0
Welcome back! You've successfully signed in
You've successfully subscribed to Ringzer0
Success! Your account is fully activated, you now have access to all content
Success! Your billing info has been updated
Your billing was not updated