Android KYC & Biometric Security Assessment

Authorized use — read before you start

This material is for educational use and authorized security testing only. Use it only on systems and apps you own or have explicit written permission to assess. Nothing here is legal advice. The authors disclaim all warranties; you are solely responsible for compliance with applicable law. See Rules of Engagement (Chapter 2).

The Book

18 chapters — threat landscape, injection techniques, full engagements, advanced evasion, and defense.

The Labs

14 hands-on exercises with real APKs, self-check scripts, and concrete deliverables.

Materials Kit

Target APKs, payload configs (GPS, sensors, frames), and automation scripts.

Quick Reference

Every command, payload format, and troubleshooting tip on one page.

---

The Engagement Cycle

1. Recon — Decode the APK, map every hookable surface

2. Patch — Instrument the bytecode with the patch-tool

3. Configure — Push payloads (frames, GPS configs, sensor profiles)

4. Execute — Run the target flow with all injection subsystems active

5. Report — Capture evidence, compute statistics, write findings

You’ll learn each phase independently, then combine them in full engagements against multi-step verification flows.

---

AI Agent Skills

This repo ships two knowledge files that give any AI coding agent — Cursor, Windsurf, Cline, GitHub Copilot, Aider, or any LLM — the methodology for authorized Android security assessments. Load them and the agent can decode, patch, verify, and diagnose like a practitioner. See Chapter 4 for setup.

---

Who Is This For

Penetration testers, security engineers, and developers working on authorized assessments of Android identity verification systems.

No prior reverse engineering experience required — Part I covers the foundations.