About

Hi, I’m Pravin, a Security-Focused Software Engineer specializing in mobile and native development with a strong passion for Android, application security, and low-level system internals. I work across C, C++, Smali, Kotlin, Java, Dart, and Python, and I build both apps and SDKs using the Android SDK and NDK.

I enjoy going beyond the surface of app development—understanding how Android devices work internally, how apps behave at runtime, and how security mechanisms can be strengthened. A big part of my work involves finding vulnerabilities in Android devices and applications, analyzing how they can be exploited, and designing defenses to protect against them.

My interests include cryptography, reverse engineering, root/Magisk/LSPosed detection, anti-tampering, and building secure, high-performance mobile software.

🛠️ Tools I Use Link to heading

🔍 Reverse Engineering Link to heading

  • JADX – Android APK decompilation & code analysis
  • MT Manager – APK editing, Smali patching, resource inspection
  • NP Manager – APK analysis, signing, quick binary inspection
  • Ghidra – Native (C/C++) reverse engineering, disassembly & decompilation
  • APKTool – Smali editing, rebuilding & framework analysis
  • Frida – Runtime hooking, dynamic analysis & bypass testing
  • adb & logcat – Runtime behavior analysis & debugging

💻 Development Link to heading

Android Link to heading

  • UI: XML, Jetpack Compose
  • Architecture: MVVM, MVP, MCP
  • Languages: Kotlin, Java
  • Android SDK & NDK
  • JNI / Native (C/C++) Integration
  • REST API Integration
  • Ktor Client / Mock Server Implementation
  • Google APIs: Play Integrity API
  • Attestation & TEE: Device/App attestation, hardware-backed security
  • Build & Packaging: Gradle, AAR, Maven publishing & integration
  • Code Protection: R8 / ProGuard rules, NDK obfuscation
  • Version Control: Git
  • Local Storage: RoomDB, Encrypted SharedPreferences, DataStore
  • Performance: Profiling, ANR analysis, memory tuning
  • Release: Play Store release process & app signing flow
  • Firebase: Auth, Firestore, FCM, Analytics (as needed)
  • Secure App & SDK Development

Flutter Link to heading

  • Language: Dart
  • Flutter UI Framework
  • Cross-platform App Development
  • state management
  • Platform Channels (Android ↔ Flutter integration)

🔐 Cryptography Link to heading

  • AES: GCM, CBC, CTR
  • RSA: OAEP (SHA-256, MGF1)
  • Hybrid Encryption: RSA/ECIES for key exchange + AES-GCM for data
  • Encoding & Conversions: Base64, Hex (encode/decode)
  • XOR Encoding/Decoding
  • Alpha Shift (Caesar) Encoding/Decoding
  • Key & IV Management
  • Secure Storage & Data Protection
  • TEE (Trusted Execution Environment): Secure key handling & sensitive operations

I like to break things, understand how they work, and then build them back better and more secure.

When I’m not coding, I’m usually experimenting with Android internals, researching device and app vulnerabilities, or building tools that make mobile apps safer and smarter.