From d369cfb187e609d4ab8cf10ea1290cdaa9f5c985 Mon Sep 17 00:00:00 2001
From: Jean-Marie Mineau
Date: Mon, 7 Jul 2025 10:33:05 +0200
Subject: [PATCH 1/2] try to avoid patological todo cases
---
 5_theseus/3_results.typ | 3 ++-
 5_theseus/main.typ | 4 +++-
 2 files changed, 5 insertions(+), 2 deletions(-)
diff --git a/5_theseus/3_results.typ b/5_theseus/3_results.typ
index c43b6fe..d312335 100644
--- a/5_theseus/3_results.typ
+++ b/5_theseus/3_results.typ
@@ -1,6 +1,7 @@
 #import "../lib.typ": todo
-== Results #todo[better section name]
+== Result
+#todo[better section name for @sec:th-res]
 === Bytecode Loaded by Application
diff --git a/5_theseus/main.typ b/5_theseus/main.typ
index c2d7bea..8125c9d 100644
--- a/5_theseus/main.typ
+++ b/5_theseus/main.typ
@@ -1,6 +1,8 @@
 #import "../lib.typ": todo
-= #todo[theseus chapter title]
+= Theseus
+
+#todo[theseus chapter title for @sec:th]
 #include("1_static_transformation.typ")
 #include("3_results.typ")
From 65baae4d0dd1fa59f7996c43711d5af62d0f714d Mon Sep 17 00:00:00 2001
From: Jean-Marie Mineau
Date: Mon, 7 Jul 2025 12:38:53 +0200
Subject: [PATCH 2/2] wip soa tools
---
 0_preamble/notations.typ | 14 ++++++++++-
 2_background/X_android.typ | 5 ++++
 2_background/X_tools.typ | 51 ++++++++++++++++++++++++++++++++++++++
 2_background/main.typ | 2 ++
 4 files changed, 71 insertions(+), 1 deletion(-)
 create mode 100644 2_background/X_android.typ
 create mode 100644 2_background/X_tools.typ
diff --git a/0_preamble/notations.typ b/0_preamble/notations.typ
index cbd2990..c51cfb9 100644
--- a/0_preamble/notations.typ
+++ b/0_preamble/notations.typ
@@ -1,7 +1,13 @@
+#let ADB = link()[ADB]
 #let APK = link()[APK]
+#let ART = link()[ART]
+#let AXML = link()[AXML]
 #let DEX = link()[DEX]
 #let OAT = link()[OAT]
 #let JAR = link()[JAR]
+#let IDE = link()[IDE]
+#let SDK = link()[SDK]
+#let XML = link()[XML]
 #let notation_table = align(center, table(
 columns: 2,
@@ -9,8 +15,14 @@
 table.header(
 [Acronyms], [Meanings],
 ),
+ ADB, [Android Debug Bridge, a tool to connect to an Android emulator of smartphone to run commands, start applications, send events and perform other operations for testing and debuging purpose ],
 APK, [Android Package, the file format used to install application on Android. The APK format is an extention of the #JAR format ],
+ ART, [Android RunTime, the runtime environement that execute an Android application. The ART is the successor of the older Dalvik Virtual Machine ],
+ AXML, [Android #XML. The specific flavor of #XML used by Android. The main specificity of AXML is that it can be compile in a binary version inside an APK ],
 DEX, [Dalvik Executable, the file format for the bytecode used for applicatiobs by Android ],
+ IDE, [Integrated Development Environment, a software providing tools for software development ],
 JAR, [Java ARchive file, the file format used to store several java class files. Sometimes used by Android to store #DEX files instead of java classes ],
- OAT, [Of Ahead Time, an ahead of time compiled format for #DEX files ]
+ OAT, [Of Ahead Time, an ahead of time compiled format for #DEX files ],
+ SDK, [Software Development Kit, a set of tools for developing software targeting a specific platform. In the context of Android, the version of the SDK can be associated to a version of Android, and application compatibility is defined in term of compatible SDK version ],
+ XML, [eXtensible Markup Language, a language to store data ],
 ))
diff --git a/2_background/X_android.typ b/2_background/X_android.typ
new file mode 100644
index 0000000..9c7f6b0
--- /dev/null
+++ b/2_background/X_android.typ
@@ -0,0 +1,5 @@
+#import "../lib.typ": todo
+
+== Android
+
+#todo[Present the android environnement]
diff --git a/2_background/X_tools.typ b/2_background/X_tools.typ
new file mode 100644
index 0000000..22334c9
--- /dev/null
+++ b/2_background/X_tools.typ
@@ -0,0 +1,51 @@
+#import "../lib.typ": todo, APK, IDE, SDK, DEX, ADB, ART, eg, XML, AXML
+
+== Android Reverse Engineering Tools
+
+Due to the specificities of Android, the usual tools for reverse engineering are not enough.
+#todo[blabla intro in @sec:bg-tools]
+
+#todo[References in @sec:bg-tools]
+
+=== Android Studio
+
+The whole Android developement ecosystem is packaged by Google in the #IDE Android Studio.
+In practice, Android Studio is a source-code editor that wrap arround the different tools of the android #SDK.
+The #SDK tools and packages can be installed manually with the `sdkmanager` tool.
+Among the notable tools in the #SDK, they are:
+
+- `emulator`: an Android emulator.
+ This tools allow to run an emulated Android phone on a computer.
+ Although very usefull, Android emulator has several limitation.
+ For once, it cannot emulate another achitecture.
+ An x86_64 computer cannot emulate an ARM smartphone.
+ This can be an issue because a majority of smartphone run on ARM processor.
+ Also, for certain version of Android, the proprietary GooglePlay libraries are not available on rooted emulators.
+ Lastly, emulators are not designed to be stealthy and can easily be detected by an application.
+ Malware will avoid detection by not running their payload on emulators.
+- #ADB: a tool to send commands to Android smartphone or emulator.
+ It can be used to install applications, send instructions, events, and generally perform debuging operations.
+- Platform Packages: Those packages contains data associated to a version of android needed to compile an application.
+ Especially, they contains the so call `android.jar` files.
+- `d8`: The main use of `d8` is to convert java bytecode files (`.class`) to Android #DEX format.
+ It can also be used to perform different level of optimization of the bytecode generated.
+- `aapt`/`aapt2` (Android Asset Packaging Tool): This tools is used to build the #APK file.
+ Behind the scene, it we convert #XML to binary #AXML and ensure the right files have the right compression and alignment. (#eg some ressource files are mapped in memory by the #ART, and thus need to be aligned and not compressed).
+- `apksigner`: the tool used to sign an #APK file.
+
+=== Apktool
+
+Apktool is a *reengineering tool* for Android #APK files.
+It can be used to disassemble an application: it will extract the files from the #APK file, convert the binary #AXML to text #XML, and use smali/backsmali to convert the #DEX files to smali, an assembler-like langage that match the Dalvik bytecode instructions.
+The main strenght of Apktool is that after having disassemble an application, the content of the application can be edited and reassemble into a new #APK.
+
+=== Androguard
+
+Androguard is a python library for parsing and analysing #APK files.
+
+=== Jadx
+
+=== Soot
+
+=== Frida
+
diff --git a/2_background/main.typ b/2_background/main.typ
index 1442111..49fecc7 100644
--- a/2_background/main.typ
+++ b/2_background/main.typ
@@ -4,6 +4,8 @@
 #todo[Present field background and related work]
+#include("X_android.typ")
+#include("X_tools.typ")
 #text(fill: luma(75%), lorem(200))
 /*