com.twitter.android.WidgetSettingsActivity extend PreferenceActivity and export.
By entering the appropriate extra intent can call any of its internal fragment.
So do not export...

**Summary:**
XSS via start ContentActivity using 'html' parameter.

**Description (Include Impact):**
Arbitrary applications on Android can run the exported activities ContentActivity,...

urandom talks

Collection of Some Good research Documentation. Contribute to avicoder/WriteUp development by creating an account on GitHub.

OASAM is the acronym of Open Android Security Assessment Methodology and its purpose is to become a reference framework on Android application vulnerability assessments. - b66l/OASAM

Most competent web developers have learned a thing or two about how to handle cross-site scripting and cross-site request forgery, the two main attack vectors for compromising the front end of a web application. These attacks take advantage of the … Read…

The Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes the technical processes for verifying the contr...

NowSecure Documentation

Learn about the OWASP Mobile Top 10 and view Secure Mobile Development Best Practices to avoid or remediate the top ten risks.

A Collection of Secure Mobile Development Best Practices - nowsecure/secure-mobile-development

Test if your Mobile App has any security flaws and fixes them before it damages your business reputation. Mobile usage is growing, and so are Mobile Apps.

In today’s era Smartphones have become an essential part of everyone’s life, which raises a major concern in terms of security & privacy. Protecting
smartphone
devices against different security threats has become a major issue. Smartphones have been

A collection of android security related resources - ashishb/android-security-awesome

This blog post focuses on the state of the mobile banking app security. The scope was the 20 banks in Kenya that offer mobile banking servi...