Post

"deen Buddy" App Reverse Engineering

Posted
By l3afai
5 min read
"deen Buddy" App Reverse Engineering

In-Depth Technical Analysis of the “Deen Buddy” Application and its Connection to Christian-Themed App “Haven”

Hey there!

This writeup provides a detailed breakdown of the “Deen Buddy” mobile application. Through reverse-engineering of its apk and an examination of its associated web infrastructure, a significant and undeniable link has been established between “Deen Buddy” (an app marketed to Muslims) and “Haven” (an app marketed to Christians). The evidence strongly suggests that “Deen Buddy” is not a ground-up development for a Muslim audience but a repurposed version of the “Haven” application, retaining much of its original Christian-centric code, text, and backend infrastructure.

This analysis is presented neutrally, focusing on the technical facts uncovered from the application’s source files. The interpretation of these facts is left to the reader. For additonal context, I am a muslim. This however won’t skew the presentation of the facts here.

Part 1: Initial Reverse-Engineering of the APK

The investigation began by extracting the “Deen Buddy” APK file (com_zamzam_deenbuddy_v1.2.0.apk) to inspect its contents.

  1. APK Extraction: The APK file was treated as a compressed archive and its contents were extracted.
  2. Locating the Source Code: Inside the extracted files, the primary application logic was found in the assets/ directory as index.android.bundle. This file is the compiled JavaScript code for a React Native application.
  3. Disassembly of Hermes Bytecode: The index.android.bundle was disassembled using specialized tools to convert the machine-readable code into a human-readable assembly format (.hasm). This allows for the inspection of the application’s functions, variables, and embedded text strings.

Part 2: Overwhelming Evidence of Christian-Themed Content in “Deen Buddy”

The most direct evidence comes from the text strings and variable names hardcoded directly into the “Deen Buddy” application. These are not user-generated content but integral parts of the app’s functionality.

2.1 - Explicit References to “The Bible”

Numerous functions and text strings within the app refer to the Bible, indicating the code’s original purpose.

  • A function labeled #18580 "BibleVerse" is dedicated to handling biblical verses.
    1

    ==> [Function #18580 "Bible" of 1332 bytes]: 2 params, frame size=36, env size=14, read index sz=47, write index sz=1, strict=0, exc handler=0, debug info=0 @ offset 0x005a9f77

    BibleVerse Code Excerpt

  • The code contains conversational prompts directly referencing the Bible, with “Haven” presented as the guide.
    1
2

    "Haven is here to help you engage with the Bible in new ways."
"Some of you told us you'd like to get more out of the Bible."

    Haven Bible Refrences

  • Internal variable names for user data collection are explicitly Christian-themed, such as user_bible_version and user_bible.
    1
2

    # String: 'user_bible_version' (String)
# String: '@user_bible:version' (String)

2.2 - Explicit References to “Church Attendance”

The app’s code includes logic and variables for tracking a user’s church attendance, a practice specific to Christianity.

  • An object within the code defines properties including bibleReading and churchAttendance.
    1

    Object: { name: '', 'profileImage': '', 'bibleReading': '', 'churchAttendance': '', 'faithStruggle': '', 'temptedToSin': '', 'lostFriend': '', 'userGoal': '', 'scripturalAccordance': '', 'choicesFromPast': '', 'futureAhead': '' }

  • Conversational flows are designed to ask the user about their church attendance.
    1
2
3
4

    "Next question: how often do you attend church?"
"I attend church sometimes"
"I never attend church"
"I rarely attend church"

2.3 - The “Haven” App: A Ghost in the Machine

The name “Haven” appears repeatedly throughout the “Deen Buddy” codebase, confirming it as the original application’s identity.

  • Share messages generated by the app link back to the “Haven” app on the Apple App Store, not “Deen Buddy.”
    1

    "\nShared from the Haven app: \nhttps://apps.apple.com/app/app-store/id6503387382?pt=127112225&ct=in_app_share_new_card&mt=8"

    shared_from_haven_link.png

  • Onboarding and feedback messages identify the app as “Haven.”
    1
2

    "Welcome to Haven. The next step in your walk with God starts today."
"Thank you for downloading Haven."

Part 3: The Companies Behind the Apps - A Shared Origin

The investigation extended to the developer entities and their web presence, revealing that both “Deen Buddy” and “Haven” originate from the same source.

  • Developer Identities:
    • Deen Buddy: Attributed to “Zamzam Technologies.”
    • Haven: Attributed to “e12 holdings llc.”
  • Identical Website Infrastructure: Despite having different names and domains (zamzam-technologies.com and e-twelve.com), their company websites are clones.
    • They use the exact same minimalist design and layout.
    • Crucially, a technical inspection reveals they share the identical templateID: 5c5a519771c10ba3470d8101. This is definitive proof that both websites were built by the same entity on the same platform.

Part 4: Shared Backend and API Infrastructure

The application’s network requests provide further proof of a shared, Christian-themed backend.

  • “Bible Chat” API Endpoint: A hardcoded URL for a feedback function points to an Amazon Web Services (AWS) Lambda function named bible-chat-lambda. This indicates that the backend service processing user data was originally, and likely still is, intended for a Bible-related application.
    1

    https://1rq3fa18m7.execute-api.us-east-2.amazonaws.com/default/bible-chat-lambda

    enter image description here

  • Quranic Data Source: While the app contains Christian-themed code, it pulls its Quranic data from the code. The disassembled code shows objects containing Quran verses in Arabic, along with transliteration and English translations. The structure suggests this data is loaded into the pre-existing framework of the “Haven” app.
    1
2

    This is where the quran verses are stored.
==> 00000000: <NewObjectWithBufferLong> <Reg8: 0, UInt16: 7, UInt16: 6, UInt32: 43064, UInt32: 8912> # Object: { 'id': 1, 'name': '....', 'transliteration': 'Al-Fatihah', 'translation': 'The Opener', 'type': 'meccan', 'total_verses': 7 }

Conclusion

The technical evidence is conclusive:

  1. Code and Content: The “Deen Buddy” application is fundamentally a re-skinned version of the Christian-themed “Haven” app. It is filled with hardcoded references to the Bible, church attendance, and the “Haven” brand name.
  2. Infrastructure: Both applications share identical website templates and backend API endpoints named for Bible-related functions.
  3. Development: “Zamzam Technologies” and “e12 Holdings LLC” are demonstrably linked, using the same web assets to represent their separate brands.

This is not a case of two separate apps being developed with similar features. It is a case of one application, designed for a Christian audience, being cosmetically altered and marketed to a Muslim audience while retaining its original, non-Islamic core. The presence of such fundamental and widespread Christian-specific elements within an app named “Deen Buddy” raises serious questions about the developer’s transparency, intentions, and understanding of the audience they claim to serve.

This post is licensed under CC BY 4.0 by the author.