The blog of Sash Zats

Created by High-Tech Bridge, the Purposefully Insecure and Vulnerable Android Application (PIVAA) replaces outdated DIVA for benchmark of mobile vulnerability scanners. - HTBridge/pivaa

Development of mobile applications have picked up really fast in the last couple of years. Much has been written about the security assessment of iOS

I recently had to play with BlackBerry devices during a penetration testing engagement. It’s quite difficult to find reliable information online about legacy devices (running BBOS < 7.x) so I though it would be a nice idea to share this here.

All third-party applications written for the BlackBerry must be written in Java or use one of RIM’s alternate application development runtimes. The universal use of managed runtimes sacrifices a small amount of speed in favor of reducing the device’s attack…

Mobile Application Security, Mobile application reverse engineering, jailbreaking, rooting, windows phone application

Cybersecurity services and research

The world’s 1st book of very detailed iOS App reverse engineering skills :) - iosre/iOSAppReverseEngineering

[WIP] Crappy iOS app analyzer. Contribute to chaitin/passionfruit development by creating an account on GitHub.

Genymotion with Google Play Services for ARM. GitHub Gist: instantly share code, notes, and snippets.

Electra iOS 11.0 - 11.1.2 jailbreak toolkit based on async_awake - coolstar/electra

Learn how security is implemented in Apple hardware, software, apps and services.

Explore four techniques to bypass SSL certificate checks on Android in our Four Ways to Bypass Android SSL Verification and Certificate Pinning blog.

Android Nougat changed the default behavior for apps, so installing the Burp CA to user certs no longer works. Here’s two ways to bypass it

A collection of android security related resources - ashishb/android-security-awesome

Documentation:. Contribute to dpnishant/appmon development by creating an account on GitHub.

Damn Vulnerable Hybrid Mobile App (DVHMA) is an hybrid mobile app (for Android) that intentionally contains vulnerabilities. - logicalhacking/DVHMA