Analysing bytecode is an underestimated tool that provides value to us as developers and business that other tools can't: - We can verify that the compiled binary going to production doesn't contain debug code - It allows us to check that obfuscation is working as intended - By comparing APKs/AABs we can understand how changes in source code affect the compiled binary (e.g.: “why is my DEX file growing?”) Diving into the depths bytecode can feel daunting, and even mastering the skill, manual processes don't scale well to the entire team. But what if I told you that it's possible to build an automated bytecode analyzer and it is easier than you would expect? In this session: - We'll discuss how to utilise existing open source libraries to build automated bytecode analysis in your CI pipeline - I'll show you the basic building blocks: how to parse bytecode and deobfuscate it. - I'll also share how to build a tool that makes the difference between two builds obvious using those blocks.