Our attack vector is easy in this issue type as an attacker will typically download our applications onto their devices and unpack them using specific tools, we will be setting up a specific chapter around this. Tools might include:
There is no direct security weakness at play here as by nature, all code is capable of being reverse engineered.
To prevent this, companies often rely on the use of obfuscation tools of which a whole range of free and paid tools exist though we have to be careful with obfuscation as it can be quite resource intensive to deobfuscate the code at runtime.
A good obfuscator will have the following abilities: