In this post, I explain how to get an APK from your phone/emulator and use JADX to pseudo decompile it.
This is a pretty easy retired HackTheBox machine that you should try out! It has a straight forward exploitation path.
This is a somewhat easy/a bit intermediate machine perfect to practice a certain OWASP Top 10 vulnerability. Try it out yourself! Machine link: https://www.vulnhub.com/entry/temple-of-doom-1,243/
Yet another OSCP-Like Vulnhub machine, this one is recommended if you're looking to challenge your exploitation skills. Try it out by yourself first! Machine link: https://www.vulnhub.com/entry/brainpan-1,51/
This is a Vulnhub inspired by the series Mr. Robot and it's considered to be a OSCP-like machine. Most of the steps for "pwning" this machine are realistic so it's a fun one to try. Give it a try yourself! Machine Link: https://www.vulnhub.com/entry/mr-robot-1,151/