CYBER SCAPE AFRICA | Q2
2019
MARA is a Mobile Application Reverse engineering and
Analysis Framework. It is basically a tool that puts
together commonly used mobile application reverse
engineering and analysis tools, so as to assist in
testing mobile applications against the OWASP mobile
security threats. Its objective is to make the task easier
and friendlier to mobile application developers and
security professionals. MARA is developed and
maintained by Christian and Chrispus.
Mobile application reverse engineering can seem like
quite a daunting task. This is mostly due to the fact
that a number of tools are required to get the job
done, where you convert a mobile application from
one form to another. For example disassembling an
android APK into a java class file (JAR) or even to
smali, which is more or less a human readable version
of assembly.
MARA was developed out
of necessity. Chrispus and I
were reverse engineering
and analyzing tons of
mobile applications, and
the process was quite
repetitive and soon it
became tiresome and
boring. Mostly because of
running the same
decompilation tools, with
the same commands over
and over again, across
different apps.
That’s when we figured, it was about time to sit down and automate the whole process. So we
started out the process of writing a couple of bash scripts and after a few months, we came up with
MARA framework. The tool worked quite well, and we decided to open source it to the cyber
security community, so that other pentesters and researchers could have a much easier time reverse
engineering and analyzing mobile applications.
At the heart of MARA, is simply a number of bash scripts that tie together really awesome, reliable
and well known mobile application reverse engineering tools, scanners and an excellent
deobfuscator. This is so that they can all be used in a systematic way. The tools themselves can also
be used independently, in the event a specific use for the tools is required and the capability is not
included in the bash scripts.
41