In one of the assessment we encountered application detects Jailbroken device during launch only. This prevent us from Pentesting the appl...

introduction
Not too long ago, I toyed with a Android root detection bypass. In a similar scenario, I was poking at a iOS application that also had some root detection built in. For very much the same purpose, I suppose the application has its own ~reasons~…

When performing a penetration test on an Android or iOS application the developer can implement what are called binary protections that hinder an attacker from easily analysing an application. Some of the more common protections are SSL pinning, code obfuscation…

Frida is a great toolkit by @oleavr, used to build tools for dynamic instrumentation of apps in userspace. It is often used, like Substrate, Xposed and similar frameworks, during security reviews of mobile applications.
Typically rooted Android devices are…

SANS Penetration Testing blog pertaining to Modifying Android Apps: A SEC575 Hands-on Exercise, Part 1

This is a curated list of mobile based CTFs, write-ups and vulnerable apps. Most of them are android based due to the popularity of the platform. - xtiankisutsa/awesome-mobile-CTF

Vulnerable Android application for developers and security enthusiasts to learn about Android insecurities - dineshshetty/Android-InsecureBankv2

Mobile phones have become an indispensable part of our daily life. We use mobile phones to communicate with our loved ones, for quick access to information through the Internet, to make transaction…