If you feel that any of these steps can be improved or simplified through existing tools, please leave your comment and I will update the article.
The number of tools available to assist in understanding Android applications has significantly increased offering powerful and robust features to easily understand and review our target application.
For the initial assessment we will be using the following tools:
Netbeans IDE: https://netbeans.org/downloads/
Android SDK: https://developer.android.com/sdk/index.html#ExistingIDE
APK Downloader: http://www.01net.com/telecharger/windows/Internet/plugins/fiches/118788.html
1- APK Retrieval
2- Android SDK Installation & Emulator Setup
To test our application we will be using the Android Emulator, which could be created using the AVD Manager. The rest of these steps can also be performed on a root'd phone.
To execute the Emulator we won't be using the start button as several options are only accessible from the command line. Among the interesting option is the http-proxy feature which allow proxification of HTTP/HTTPS.
./emulator -avd watchever -http-proxy http://127.0.0.1:8081 -scale 0.6
Other traffic will requirea slightly complex setup which is already covered in this blog post: https://intrepidusgroup.com/insight/2010/12/mallory-and-me-setting-up-a-mobile-mallory-gateway/
We can this way inspect the HTTP traffic using our favorite Proxy like ZAP or Burp.
3- Installation and Information Collection
$ adb install uk.co.aifactory.chessfree.apk
1986 KB/s (7412910 bytes in 3.644s)
Once the application is installed, we might want to identify its different feature like authentication which might trigger storage of password for instance, which will allow result in the creation of Data files . The location of these files will depend on your application, but the usual folders are /data/data/
Fuente: Yet Another P0wn Blog