Mohamed redaHow I was able to get two account takeovers via OAuth custom scheme hijacking at the same targetFirst: Deep linking is a method of sending data directly to a native application from an external source. A deep link typically looks like…Mar 1A response icon1Mar 1A response icon1
Tobias KönigOWASP UnCrackable App for Android Level 2 — WalkthroughThe UnCrackable App for Android Level 2 is a reverse-engineering challenge. It is similar to the first challenge we discussed previously…Apr 3, 2022Apr 3, 2022
Adham A. MakroumFlutter TLS Bypass: How to Intercept HTTPS Traffic When all other Frida Scripts FailIn this article, I’ll walk you through my journey in intercepting HTTPS traffic from a APK based on Flutter during a pentesting engagement…May 17A response icon3May 17A response icon3
InInfoSec Write-upsbyYoKo KhoExploiting Unsanitized URL Handling & SQL Injection via Deep Links in iOS App: Write-up of FlipcoinBreaking Down Data Exfiltration via Unsanitized External URL Handling and SQL Injection through Deep LinksFeb 21Feb 21
Happy JesterXiaomi 13 Pro Code Execution via GetApps DOM Cross-Site Scripting (XSS)بِسْمِ اللَّـهِ الرَّحْمَـٰنِ الرَّحِيمِJan 7A response icon2Jan 7A response icon2
Soliman AlmansorDeep Link Hijacking to Full Account Takeover — Complete GuideHow I could Hijack the authentication Deep Link, contains the authentication token for the victim, leading to full account takeoverDec 27, 2024A response icon2Dec 27, 2024A response icon2
Ahmed HeshamASCWG CTF 2024 — Android Challenges Solution & Source Codeبِسْمِ اللَّـهِ الرَّحْمَـٰنِ الرَّحِيمAug 5, 2024Aug 5, 2024
InInfoSec Write-upsbyHacktivitiesHacker101 CTF: Android Challenge WriteupsIn this article, I will be demonstrating how to solve the Hacker101 CTF (Capture The Flag) challenges for the Android category. Hacker101…Aug 14, 2020Aug 14, 2020
InInfoSec Write-upsbySandeep VishwakarmaA step-by-step Android penetration testing guide for beginnersGreetings fellow hackers, my name is Sandy, Security Analyst and Bug bounty hunter.Nov 3, 2023A response icon8Nov 3, 2023A response icon8
YogasatriautamaAndroid Pentest: Install Nox Player & Burp SuiteDownload Nox Player at https://www.bignox.com/Mar 25, 2024A response icon1Mar 25, 2024A response icon1
+Ch0pin🕷️Pending Intents: A Pentester’s viewFew days ago I came across an interesting case of vulnerability posted at the AndroidInfoSec’s facebook page. Since there are not many…May 31, 2022A response icon1May 31, 2022A response icon1
Ahmad HalabiThe ART of Chaining VulnerabilitiesDeep Dive into breaking applications and chaining vulnerabilities to hack complete infrastructures.Dec 23, 2023A response icon5Dec 23, 2023A response icon5
Mohamed redaCyCTF qualification 2024: CyMob-CommanderHello, everyone! Today, I’m gonna explain how I solved the CyMob-Commander CyCTF Qualification 2024.Nov 3, 2024Nov 3, 2024
dnelsakaAn interesting Bug that I found in Android Mobile ApplicationMay 29, 2024A response icon2May 29, 2024A response icon2
