Mobile security researcher and reverse engineer focused on Android internals, application security, Dalvik/Smali, Flutter/Dart, Frida/Pine instrumentation, radare2, and Termux-first tooling.
I build tools around the problems I hit while reversing: DEX and Smali exploration, runtime hooking, APK analysis, Android-native YARA, radare2 workflows, and automation for repeatable mobile security work.
Occasionally dabbling in web security.
- Android application security assessments, obfuscated APK reversing, malware behavior analysis, and threat intelligence.
- Dalvik bytecode, Smali, ART runtime behavior, Java/Kotlin Android internals, JNI, native code, and Flutter/Dart AOT analysis.
- Dynamic analysis and instrumentation with Frida, PineHook, radare2, custom agents, and Android/Termux-native workflows.
- Reverse-engineering tooling, security automation, and AI/MCP-assisted analysis pipelines.
- CVE-2026-33989: arbitrary file write via path traversal in
@mobilenext/mobile-mcp, fixed in0.0.49and published through GHSA-3p2m-h2v6-g9mx. - CVE-2026-33989 writeup: technical analysis of
mobile_save_screenshotandmobile_start_screen_recordingpath handling in a mobile MCP server. - r2con2025 talk: Accessing r2 from anywhere anytime.
- Research notes and writeups: Android reversing, Flutter SSL analysis, Dart AOT internals, Frida on Termux, Smali patching, signature matching, and CTF writeups.
- RevEngiBot: Telegram-based reverse-engineering toolkit.
- revengi-app: Flutter app for Smali grammar, DexRepair, Flutter analysis, Blutter integration, APK tooling, and related workflows.
- RevEngi docs: documentation for the bot, API, and app.
- yarax_android: native Android JNI bindings for
yara-x.
- understand-smali: learning and reference material for Smali and Android bytecode.
- smalisp: lightweight Smali language server with definitions and completion.
- smalig: Dalvik/Smali bytecode grammar and information fetch tool.
- java2smali: command-line tool for compiling Java into Smali.
- MT-NotepadPlus: Smali syntax highlighting for Notepad++.
- PineHookPlus: PineHook-based helper for hooking classes and methods with less repeated code.
- Fine: Pine and Frida integration experiments around Android component factory behavior.
- NewPineExample: Pine hook proof of concept using the Android
android:namemanifest attribute. - frida-python: Frida Python bindings variant with devkit support.
- frida-agent-api: lightweight Frida agent compiler and API.
- r2web: web interface for accessing radare2 from anywhere.
- warrp: native radare2 plugin for Binary Ninja WARP signatures.
- nyxstone-r2: nyxstone assembler plugin for radare2.
- r2garlic: Android/DEX decompiler work around radare2.
- termux-scripts: scripts for installing and using reverse-engineering tools on Android/Termux.
- termux-hermes: build notes and releases for Hermes on Termux.
- blutter-termux: maintained Termux-oriented B(l)utter workflow with enhancements.
- dex2c: maintained method-based Dalvik bytecode to JNI native code compiler.
- apksearch: APK search engine.
- playstoreapi: unofficial Google Play Store API wrapper in Python.
- pyxamstore: unpack and repack Xamarin assembly store blobs, including V2 and V3 formats.
- LYADI: MCP server for reverse-engineering assistance, with an Android/Termux focus.
My blog is qbtau.in, where I publish technical notes on Android reversing, Flutter/Dart internals, Frida, Smali, mobile tooling, CVEs, and CTFs.
Recent topics include:
- Building Frida natively on Android/Termux.
- Matching Java classes and methods across APK versions.
- Identifying
ssl_verify_peer_certin Android Flutter binaries. - Overriding Android constructor parameter defaults at runtime.
- Dart object pool behavior on ARM64 and ARM32.
| Platform | Link |
|---|---|
| abhi@revengi.in | |
| Website / Blog | qbtau.in |
| GitHub | github.com/AbhiTheModder |
| RevEngi | github.com/RevEngiSquad, revengi.in |
| Telegram | @AbhiTheM0dder, RevEngi Chat, RevEngiBot |
| Mastodon | @AbhiTheModder@defcon.social |
| Bluesky | @qbtau.in |
| X | @AbhiTheModder, @Qbtaumai |
| linkedin.com/in/abhisom | |
| GitLab | gitlab.com/AbhiTheModder |
| YouTube | @AbhiTheModder |





