🌟v2 of my free Intro to Android App Reverse Engineering workshop is here! 🌟 I've added 3 new exercises, walk-through videos for all 7 exercises, a new module on obfuscation, & exercises on vuln hunting rather than just malware. I hope it helps! https://t.co/8h2Wjfus1t

Every iOS security guide . Contribute to 0xmachos/iOS-Security-Guides development by creating an account on GitHub.

The tool is used to analyze the content of the android application in local storage. - NotSoSecure/android_application_analyzer

TL;DR – There are many Android SSL pinning bypass scripts available for Frida. However, those don’t always work on obfuscated applications. If the application uses OkHttp, there’s…

👾👾 Genymotion_ARM_Translation Please enjoy！. Contribute to m9rco/Genymotion_ARM_Translation development by creating an account on GitHub.

Use Frida and Objection! By now you should know how to install Burp Suite and set it up to proxy your iOS device. If this is all you do then you will come up against TLS errors. You have to use Frida and Objection to inject an SSL bypass into the app you're…

My previous blogposts explained how to intercept Flutter traffic on Android ARMv8, with a detailed follow along guide for ARMv7. This blogpost does the same for iOS. ⚠️ Update August 2022 ⚠️An upda…

A Magisk/KernelSU module that automatically adds user certificates to the system root CA store - NVISOsecurity/AlwaysTrustUserCerts

Intercepting HTTPS traffic is a necessity with any mobile security assessment. By adding a custom CA to Android, this can easily be done. As of Android Nougat, however, apps don’t trust clien…

Elder driver Xposed Framework. Contribute to ElderDrivers/EdXposed development by creating an account on GitHub.

Hello, a good reader of my epic.blog!

If you want to redirect you Android devices traffic to your Burp instance, you’ll just have to use DNAT and MASQUERADING. I was more detailed about this topic in this post. And since the Internet is full of misleading information these are the steps to get…

A quick and simple guide for using the most common objection pentesting functions. Penetration testers can use this to quickly find the majority of vulnerabilities in iOS applications. Usage / Installation Pre-Install – You need Frida to use objection If…

A guide on how to bypass jailbreak detection on the DVIAv2 app for iPhones.

Introduction

In this blog, four techniques to bypass SSL verifification and certificate pinning in iOS will be discussed.

Learn how to use Drozer for Android penetration testing and analyze security vulnerabilities in Android apps.