{"id":1392,"date":"2026-07-07T09:00:00","date_gmt":"2026-07-06T20:00:00","guid":{"rendered":"https:\/\/blog.wiseowls.co.nz\/?p=1392"},"modified":"2026-03-08T03:32:01","modified_gmt":"2026-03-07T14:32:01","slug":"reverse-engineering-an-android-app-part-1-cracking-it-open","status":"publish","type":"post","link":"https:\/\/blog.wiseowls.co.nz\/index.php\/2026\/07\/07\/reverse-engineering-an-android-app-part-1-cracking-it-open\/","title":{"rendered":"Reverse engineering an Android app part 1 \u2014 Cracking it open"},"content":{"rendered":"\n<p class=\"wp-block-paragraph\">When a client asks us to build an integration against an API that has no public documentation, sometimes the only option is to go straight to the source \u2014 the app itself. We recently needed to understand how a particular Android app signs its API requests, and what followed was a proper detective story in three acts. This is act one: getting the source code.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">XAPK is just a zip in a trenchcoat<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Modern Android apps don&#8217;t ship as a single APK anymore. They come as XAPKs \u2014 bundles of split APKs, each serving a specific purpose:<\/p>\n\n\n\n<div class=\"wp-block-merpress-mermaidjs diagram-source-mermaid\"><pre class=\"mermaid\">graph TD\n    A[\"app.xapk\"] -->|unzip| B[\"base APK \u2014 code + resources\"]\n    A --> C[\"config.arm64_v8a.apk \u2014 native libs\"]\n    A --> D[\"config.en.apk \u2014 English resources\"]\n    A --> E[\"config.xxhdpi.apk \u2014 screen density assets\"]<\/pre><\/div>\n\n\n\n<p class=\"wp-block-paragraph\">The split keeps downloads smaller \u2014 your phone only fetches what it needs. For us, it means an extra extraction step before we can get to the code.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code lang=\"bash\" class=\"language-bash\"># Rename and extract \u2014 it's literally a zip\nunzip app.xapk -d xapk-extracted\/<\/code><\/pre>\n\n\n\n<p class=\"wp-block-paragraph\">The base APK is where the interesting bits live. Inside it: 8 <a href=\"https:\/\/source.android.com\/docs\/core\/runtime\/dex-format\">DEX<\/a> files containing roughly 24,744 classes. That&#8217;s a lot of haystacks to search through.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Two tools, two perspectives<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">We reach for two decompilation tools that serve different purposes.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><strong><a href=\"https:\/\/github.com\/skylot\/jadx\">JADX<\/a><\/strong> converts DEX bytecode back into readable Java. It&#8217;s our go-to for understanding what the code does:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code lang=\"bash\" class=\"language-bash\">jadx -d output app.apk --show-bad-code -j 4<\/code><\/pre>\n\n\n\n<p class=\"wp-block-paragraph\">The <code>--show-bad-code<\/code> flag is important \u2014 when JADX can&#8217;t perfectly decompile something, it&#8217;ll show its best attempt as a comment rather than silently skipping it.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><strong><a href=\"https:\/\/apktool.org\/\">Apktool<\/a><\/strong> decodes resources and produces <a href=\"https:\/\/github.com\/JesusFreke\/smali\">smali<\/a> \u2014 a human-readable assembly for Dalvik. We need this when we want to modify and rebuild the app later:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code lang=\"bash\" class=\"language-bash\">apktool d app.apk -o output_dir<\/code><\/pre>\n\n\n\n<div class=\"wp-block-merpress-mermaidjs diagram-source-mermaid\"><pre class=\"mermaid\">graph LR\n    A[\"APK\"] --> B[\"JADX\"]\n    A --> C[\"Apktool\"]\n    B --> D[\"Java source \u2014 for reading\"]\n    C --> E[\"Smali + resources \u2014 for modifying\"]<\/pre><\/div>\n\n\n\n<h2 class=\"wp-block-heading\">But then everything&#8217;s obfuscated<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Here&#8217;s what JADX gives us for a typical class:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code lang=\"java\" class=\"language-java\">public final class c {\n    private final String a;\n    private final String b;\n    private final String c;\n\n    public c(String str, String str2, String str3) {\n        this.a = str;\n        this.b = str2;\n        this.c = str3;\n    }\n}<\/code><\/pre>\n\n\n\n<p class=\"wp-block-paragraph\">Single-letter class names, single-letter fields. This is <a href=\"https:\/\/developer.android.com\/build\/shrink-code\">R8 obfuscation<\/a> at work \u2014 Google&#8217;s code shrinker renames everything to minimise APK size (and conveniently makes reverse engineering harder). Not all is lost though \u2014 string literals, annotation-preserved names, and network DTOs often survive the obfuscation. That&#8217;s where we start pulling the thread.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">In the <a href=\"https:\/\/blog.wiseowls.co.nz\/?p=1393\">next post<\/a>, we&#8217;ll trace through the obfuscated code to find where the app hides its API signing secrets.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>When a client asks us to build an integration against an API that has no public documentation, sometimes the only option is to go straight to the source \u2014 the app itself. We recently needed to understand how a particular Android app signs its API requests, and what followed was a proper detective story in &hellip; <a href=\"https:\/\/blog.wiseowls.co.nz\/index.php\/2026\/07\/07\/reverse-engineering-an-android-app-part-1-cracking-it-open\/\" class=\"more-link\">Continue reading<span class=\"screen-reader-text\"> &#8220;Reverse engineering an Android app part 1 \u2014 Cracking it open&#8221;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":566,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[7],"tags":[8],"class_list":["post-1392","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-infrastructure","tag-infosec"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v28.0 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Reverse engineering an Android app part 1 \u2014 Cracking it open - Timur and associates<\/title>\n<meta name=\"description\" content=\"First steps in Android reverse engineering \u2014 extracting XAPKs, decompiling with JADX and Apktool, and navigating R8 obfuscation.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/blog.wiseowls.co.nz\/index.php\/2026\/07\/07\/reverse-engineering-an-android-app-part-1-cracking-it-open\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Reverse engineering an Android app part 1 \u2014 Cracking it open - Timur and associates\" \/>\n<meta property=\"og:description\" content=\"First steps in Android reverse engineering \u2014 extracting XAPKs, decompiling with JADX and Apktool, and navigating R8 obfuscation.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/blog.wiseowls.co.nz\/index.php\/2026\/07\/07\/reverse-engineering-an-android-app-part-1-cracking-it-open\/\" \/>\n<meta property=\"og:site_name\" content=\"Timur and associates\" \/>\n<meta property=\"article:published_time\" content=\"2026-07-06T20:00:00+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/blog.wiseowls.co.nz\/wp-content\/uploads\/2020\/06\/padlock-code.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1280\" \/>\n\t<meta property=\"og:image:height\" content=\"312\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"timur\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@TimurKh\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/blog.wiseowls.co.nz\\\/index.php\\\/2026\\\/07\\\/07\\\/reverse-engineering-an-android-app-part-1-cracking-it-open\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/blog.wiseowls.co.nz\\\/index.php\\\/2026\\\/07\\\/07\\\/reverse-engineering-an-android-app-part-1-cracking-it-open\\\/\"},\"author\":{\"name\":\"timur\",\"@id\":\"https:\\\/\\\/blog.wiseowls.co.nz\\\/#\\\/schema\\\/person\\\/34d0ed30d573b5bc317ea990bd2e0c59\"},\"headline\":\"Reverse engineering an Android app part 1 \u2014 Cracking it open\",\"datePublished\":\"2026-07-06T20:00:00+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/blog.wiseowls.co.nz\\\/index.php\\\/2026\\\/07\\\/07\\\/reverse-engineering-an-android-app-part-1-cracking-it-open\\\/\"},\"wordCount\":315,\"commentCount\":0,\"image\":{\"@id\":\"https:\\\/\\\/blog.wiseowls.co.nz\\\/index.php\\\/2026\\\/07\\\/07\\\/reverse-engineering-an-android-app-part-1-cracking-it-open\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/blog.wiseowls.co.nz\\\/wp-content\\\/uploads\\\/2020\\\/06\\\/padlock-code.jpg\",\"keywords\":[\"infosec\"],\"articleSection\":[\"Infrastructure\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/blog.wiseowls.co.nz\\\/index.php\\\/2026\\\/07\\\/07\\\/reverse-engineering-an-android-app-part-1-cracking-it-open\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/blog.wiseowls.co.nz\\\/index.php\\\/2026\\\/07\\\/07\\\/reverse-engineering-an-android-app-part-1-cracking-it-open\\\/\",\"url\":\"https:\\\/\\\/blog.wiseowls.co.nz\\\/index.php\\\/2026\\\/07\\\/07\\\/reverse-engineering-an-android-app-part-1-cracking-it-open\\\/\",\"name\":\"Reverse engineering an Android app part 1 \u2014 Cracking it open - Timur and associates\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/blog.wiseowls.co.nz\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/blog.wiseowls.co.nz\\\/index.php\\\/2026\\\/07\\\/07\\\/reverse-engineering-an-android-app-part-1-cracking-it-open\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/blog.wiseowls.co.nz\\\/index.php\\\/2026\\\/07\\\/07\\\/reverse-engineering-an-android-app-part-1-cracking-it-open\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/blog.wiseowls.co.nz\\\/wp-content\\\/uploads\\\/2020\\\/06\\\/padlock-code.jpg\",\"datePublished\":\"2026-07-06T20:00:00+00:00\",\"author\":{\"@id\":\"https:\\\/\\\/blog.wiseowls.co.nz\\\/#\\\/schema\\\/person\\\/34d0ed30d573b5bc317ea990bd2e0c59\"},\"description\":\"First steps in Android reverse engineering \u2014 extracting XAPKs, decompiling with JADX and Apktool, and navigating R8 obfuscation.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/blog.wiseowls.co.nz\\\/index.php\\\/2026\\\/07\\\/07\\\/reverse-engineering-an-android-app-part-1-cracking-it-open\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/blog.wiseowls.co.nz\\\/index.php\\\/2026\\\/07\\\/07\\\/reverse-engineering-an-android-app-part-1-cracking-it-open\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/blog.wiseowls.co.nz\\\/index.php\\\/2026\\\/07\\\/07\\\/reverse-engineering-an-android-app-part-1-cracking-it-open\\\/#primaryimage\",\"url\":\"https:\\\/\\\/blog.wiseowls.co.nz\\\/wp-content\\\/uploads\\\/2020\\\/06\\\/padlock-code.jpg\",\"contentUrl\":\"https:\\\/\\\/blog.wiseowls.co.nz\\\/wp-content\\\/uploads\\\/2020\\\/06\\\/padlock-code.jpg\",\"width\":1280,\"height\":312},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/blog.wiseowls.co.nz\\\/index.php\\\/2026\\\/07\\\/07\\\/reverse-engineering-an-android-app-part-1-cracking-it-open\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/blog.wiseowls.co.nz\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Reverse engineering an Android app part 1 \u2014 Cracking it open\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/blog.wiseowls.co.nz\\\/#website\",\"url\":\"https:\\\/\\\/blog.wiseowls.co.nz\\\/\",\"name\":\"Timur and associates\",\"description\":\"Notes of an IT contractor\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/blog.wiseowls.co.nz\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/blog.wiseowls.co.nz\\\/#\\\/schema\\\/person\\\/34d0ed30d573b5bc317ea990bd2e0c59\",\"name\":\"timur\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/23d55e17d4f0990ee4d12bc6e5dcfb58a292934efd62a185756876379e780b16?s=96&r=pg\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/23d55e17d4f0990ee4d12bc6e5dcfb58a292934efd62a185756876379e780b16?s=96&r=pg\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/23d55e17d4f0990ee4d12bc6e5dcfb58a292934efd62a185756876379e780b16?s=96&r=pg\",\"caption\":\"timur\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/TimurKh\"]}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Reverse engineering an Android app part 1 \u2014 Cracking it open - Timur and associates","description":"First steps in Android reverse engineering \u2014 extracting XAPKs, decompiling with JADX and Apktool, and navigating R8 obfuscation.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/blog.wiseowls.co.nz\/index.php\/2026\/07\/07\/reverse-engineering-an-android-app-part-1-cracking-it-open\/","og_locale":"en_US","og_type":"article","og_title":"Reverse engineering an Android app part 1 \u2014 Cracking it open - Timur and associates","og_description":"First steps in Android reverse engineering \u2014 extracting XAPKs, decompiling with JADX and Apktool, and navigating R8 obfuscation.","og_url":"https:\/\/blog.wiseowls.co.nz\/index.php\/2026\/07\/07\/reverse-engineering-an-android-app-part-1-cracking-it-open\/","og_site_name":"Timur and associates","article_published_time":"2026-07-06T20:00:00+00:00","og_image":[{"width":1280,"height":312,"url":"https:\/\/blog.wiseowls.co.nz\/wp-content\/uploads\/2020\/06\/padlock-code.jpg","type":"image\/jpeg"}],"author":"timur","twitter_card":"summary_large_image","twitter_creator":"@TimurKh","schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/blog.wiseowls.co.nz\/index.php\/2026\/07\/07\/reverse-engineering-an-android-app-part-1-cracking-it-open\/#article","isPartOf":{"@id":"https:\/\/blog.wiseowls.co.nz\/index.php\/2026\/07\/07\/reverse-engineering-an-android-app-part-1-cracking-it-open\/"},"author":{"name":"timur","@id":"https:\/\/blog.wiseowls.co.nz\/#\/schema\/person\/34d0ed30d573b5bc317ea990bd2e0c59"},"headline":"Reverse engineering an Android app part 1 \u2014 Cracking it open","datePublished":"2026-07-06T20:00:00+00:00","mainEntityOfPage":{"@id":"https:\/\/blog.wiseowls.co.nz\/index.php\/2026\/07\/07\/reverse-engineering-an-android-app-part-1-cracking-it-open\/"},"wordCount":315,"commentCount":0,"image":{"@id":"https:\/\/blog.wiseowls.co.nz\/index.php\/2026\/07\/07\/reverse-engineering-an-android-app-part-1-cracking-it-open\/#primaryimage"},"thumbnailUrl":"https:\/\/blog.wiseowls.co.nz\/wp-content\/uploads\/2020\/06\/padlock-code.jpg","keywords":["infosec"],"articleSection":["Infrastructure"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/blog.wiseowls.co.nz\/index.php\/2026\/07\/07\/reverse-engineering-an-android-app-part-1-cracking-it-open\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/blog.wiseowls.co.nz\/index.php\/2026\/07\/07\/reverse-engineering-an-android-app-part-1-cracking-it-open\/","url":"https:\/\/blog.wiseowls.co.nz\/index.php\/2026\/07\/07\/reverse-engineering-an-android-app-part-1-cracking-it-open\/","name":"Reverse engineering an Android app part 1 \u2014 Cracking it open - Timur and associates","isPartOf":{"@id":"https:\/\/blog.wiseowls.co.nz\/#website"},"primaryImageOfPage":{"@id":"https:\/\/blog.wiseowls.co.nz\/index.php\/2026\/07\/07\/reverse-engineering-an-android-app-part-1-cracking-it-open\/#primaryimage"},"image":{"@id":"https:\/\/blog.wiseowls.co.nz\/index.php\/2026\/07\/07\/reverse-engineering-an-android-app-part-1-cracking-it-open\/#primaryimage"},"thumbnailUrl":"https:\/\/blog.wiseowls.co.nz\/wp-content\/uploads\/2020\/06\/padlock-code.jpg","datePublished":"2026-07-06T20:00:00+00:00","author":{"@id":"https:\/\/blog.wiseowls.co.nz\/#\/schema\/person\/34d0ed30d573b5bc317ea990bd2e0c59"},"description":"First steps in Android reverse engineering \u2014 extracting XAPKs, decompiling with JADX and Apktool, and navigating R8 obfuscation.","breadcrumb":{"@id":"https:\/\/blog.wiseowls.co.nz\/index.php\/2026\/07\/07\/reverse-engineering-an-android-app-part-1-cracking-it-open\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/blog.wiseowls.co.nz\/index.php\/2026\/07\/07\/reverse-engineering-an-android-app-part-1-cracking-it-open\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/blog.wiseowls.co.nz\/index.php\/2026\/07\/07\/reverse-engineering-an-android-app-part-1-cracking-it-open\/#primaryimage","url":"https:\/\/blog.wiseowls.co.nz\/wp-content\/uploads\/2020\/06\/padlock-code.jpg","contentUrl":"https:\/\/blog.wiseowls.co.nz\/wp-content\/uploads\/2020\/06\/padlock-code.jpg","width":1280,"height":312},{"@type":"BreadcrumbList","@id":"https:\/\/blog.wiseowls.co.nz\/index.php\/2026\/07\/07\/reverse-engineering-an-android-app-part-1-cracking-it-open\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/blog.wiseowls.co.nz\/"},{"@type":"ListItem","position":2,"name":"Reverse engineering an Android app part 1 \u2014 Cracking it open"}]},{"@type":"WebSite","@id":"https:\/\/blog.wiseowls.co.nz\/#website","url":"https:\/\/blog.wiseowls.co.nz\/","name":"Timur and associates","description":"Notes of an IT contractor","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/blog.wiseowls.co.nz\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/blog.wiseowls.co.nz\/#\/schema\/person\/34d0ed30d573b5bc317ea990bd2e0c59","name":"timur","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/23d55e17d4f0990ee4d12bc6e5dcfb58a292934efd62a185756876379e780b16?s=96&r=pg","url":"https:\/\/secure.gravatar.com\/avatar\/23d55e17d4f0990ee4d12bc6e5dcfb58a292934efd62a185756876379e780b16?s=96&r=pg","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/23d55e17d4f0990ee4d12bc6e5dcfb58a292934efd62a185756876379e780b16?s=96&r=pg","caption":"timur"},"sameAs":["https:\/\/x.com\/TimurKh"]}]}},"_links":{"self":[{"href":"https:\/\/blog.wiseowls.co.nz\/index.php\/wp-json\/wp\/v2\/posts\/1392","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.wiseowls.co.nz\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.wiseowls.co.nz\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.wiseowls.co.nz\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.wiseowls.co.nz\/index.php\/wp-json\/wp\/v2\/comments?post=1392"}],"version-history":[{"count":4,"href":"https:\/\/blog.wiseowls.co.nz\/index.php\/wp-json\/wp\/v2\/posts\/1392\/revisions"}],"predecessor-version":[{"id":1404,"href":"https:\/\/blog.wiseowls.co.nz\/index.php\/wp-json\/wp\/v2\/posts\/1392\/revisions\/1404"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/blog.wiseowls.co.nz\/index.php\/wp-json\/wp\/v2\/media\/566"}],"wp:attachment":[{"href":"https:\/\/blog.wiseowls.co.nz\/index.php\/wp-json\/wp\/v2\/media?parent=1392"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.wiseowls.co.nz\/index.php\/wp-json\/wp\/v2\/categories?post=1392"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.wiseowls.co.nz\/index.php\/wp-json\/wp\/v2\/tags?post=1392"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}