How To Block Debugging Tools in Android & iOS Apps

Last updated January 27, 2022 by Aaron Singer

A mobile app is a masterpiece. It is the summation of all of your hard work, design, testing, re-testing, customer feedback and more. You have created the best app you can, and now someone can steal your secret from you. Your algorithms, business logic, and unique data. You can prevent this when you block debugging tools from reading the code of your app. This will add anti-debugging protection to your app.

The discipline for extracting design from a product is called Reverse-Engineering. There are two main categories of reverse engineering:

Static: Extracting the design of the application without running it, just inspecting its contents (see the article that explains what constitutes the contents of an iOS and Android application)
Dynamic: Extracting information about the inner workings of the application by running it in its target or controlled (emulator) environment and using various tools to inspect the data processing of an application while it runs. This is also known as debugging.

This Knowledge Base explains Appdome’s Anti-Debugging capabilities, a key component of ONEShield™ by Appdome, which Appdome automatically adds to every app built using Appdome.

We hope you find it useful and enjoy using Appdome!

What Does Block Debugging Tools in Android & iOS Apps Protect?

Appdome’s Anti-Debugging counters and stunts malicious dynamic reverse-engineering attempts on your application.

With Block Debugging Tools, developers can achieve the following, depending on the platform:

iOS: Connecting with a debugger will cause the debugging client (lldb) to:
- Halt
- After a sufficient wait time, the debug session will terminate and the debugger with a crash.
Android:
- Attempting to attach to the process with a debugger, tracing tool or code injectors will result in the application misbehaving and eventually terminate.
- Attempting to debug the Java Virtual Machine (JVM) using JDB (or anything that utilizes the JDWP protocol) will disconnect the debugger.

These are the basic measures Appdome takes to make sure an attacker has to resort to other techniques such as tampering and static reversing. Both of which are protected by Appdome’s Anti-Tampering and Anti-Reversing. This three-pronged defense gives an all-around effective hardening for your mobile app.

3 Easy Steps to Block Debugging Tools in Hacking Android & iOS Apps

Follow these step-by-step instructions to add Anti-Debugging to any mobile app:

Upload an Android or iOS App to Appdome’s no code security platform (.apk, .aab, or .ipa)
In the Build Tab, under Security, Select ONEShield (shown below)
Click Build My App

Anti-Debugging (Block Debugging Tools) has added automatically to every application as part of the ONEShield™ bundle to every app built on Appdome.

Appdome’s no-code mobile app security platform offers mobile developers, DevSec and security professionals a convenient and reliable way to protect Android and iOS apps with anti-debugging. When a user clicks “Build My App,” Appdome leverages a microservice architecture filled with 1000s of security plugins, and an adaptive code generation engine that matches the correct required plugins to the development environment, frameworks, and methods in each app.

Prerequisites to Block Debugging Tools in Hacking Android & iOS Apps

Here’s what you need to build secured apps with anti-debugging:

Appdome account (If you don’t have an Appdome account, create a free Appdome account here)
Mobile App (.ipa for iOS, or .apk or .aab for Android)
Signing Credentials (e.g., signing certificates and provisioning profile)

No Coding Dependency

Using Appdome, there are no development or coding prerequisites to build secured apps with anti-debugging. There is no SDK and no library to manually code or implement in the app. The Appdome technology adds anti-debugging and the relevant standards, frameworks, and logic to the app automatically, with no manual development work at all.

How to Sign & Publish Secured Mobile Apps Built on Appdome

After successfully securing your app using Appdome, there are several available options to complete your project, depending on your app lifecycle or workflow. These include:

Signing Secure iOS and Android apps
Customizing, Configuring & Branding Secure Mobile Apps
Deploying/Publishing Secure mobile apps to Public or Private app stores

Or, see this quick reference Releasing Secured Android & iOS Apps built on Appdome.

More Block Debugging Tools in Hacking Android & iOS Apps Resources

Check out the full menu of features in the Appdome Mobile Security Suite

If you have any questions, please send them our way at support@appdome.com or via the chat window on the Appdome platform.

Or request a demo at any time.

Thank you!

Thanks for visiting Appdome! Our mission is to secure every app on the planet by making mobile app security easy. We hope we’re living up to the mission with your project. If you don’t already have an account, you can sign up for free.