How Android Apps Work — APK Structure & Compilation

Posted By on September 18, 2025

Inside an APK — Android Reverse Engineering Basics

Welcome to the first video in my Android Reverse Engineering Basics playlist! In this episode, we’ll explore how Android apps are built, compiled, and packaged — and what’s actually inside an APK file.

I’ll cover the full lifecycle of an Android app: from Java/Kotlin code, to bytecode, to DEX, and finally to APK/AAB packaging. We’ll then dive into the structure of an APK — including the Manifest, DEX files, Smali, resources, assets, native libraries, and signatures.

What you’ll learn

How Android apps are compiled (Java/Kotlin → class → DEX).

The difference between DVM (Dalvik) and ART (Android Runtime).

What’s inside an APK (Android Package) vs an AAB (App Bundle).

APK structure: Manifest, classes.dex, res/, assets/, lib/, META-INF/.

What Smali is and why it matters in reverse engineering.

Basics of resources and assets for reverse engineers.

Why APK signing and verification is important.

Chapters / Timestamps
0: 00 — Intro & channel welcome
0: 25 — Writing Android apps (Java/Kotlin, Android Studio)
0: 38 — Compilation to bytecode (.class files)
1: 06 — Conversion to DEX (Dalvik Executable)
1: 45 — Packaging into APK & AAB (differences explained)
3: 16 — APK structure overview (Manifest, DEX, res/, assets/, lib/, META-INF/)
4: 02 — AndroidManifest.xml explained
4: 38 — DEX deep dive & multiple DEX files
5: 16 — Smali basics & example code
6: 40 — Resources (res/) folder
7: 00 — Assets/ folder
7: 26 — Native libraries (lib/) and their role
7: 57 — META-INF & APK signatures
8: 15 — Wrap-up & conclusion

This video is for educational purposes only and aimed at developers, researchers, and anyone interested in learning how Android apps work under the hood.

This is Part 1 of my Android Reverse Engineering Basics playlist. Subscribe so you don’t miss Part 2, where we’ll dive into JADX.

If you found this useful, please Like, Subscribe, and drop a comment with your questions or suggestions for future videos.

☕ If you’d like to support my work, you can tip on Ko-fi 👉
https://ko-fi.com/androidxray
Thank you for your support!

#android #reverseengineering #apk #androidsecurity #smali