This one I didn’t actually solve in time, because I spent too much time trying to a) Use frida and b) RE the args to the two import functions.

Android Hacking Event 2017 Write-up. Contribute to mseclab/AHE17 development by creating an account on GitHub.

We are very happy to announce a new tool in our toolchain: CodeInspect - A Jimple-based Reverse-Engineering framework for Android and Java applications.

Developing an Android application in an IDE is very convenient since features like code completion…

by Johanna CurieliOS applications enjoy better out-of-the-box security than their Android counterparts because of Apple's more tightly controlled environment. However, that advantage doesn't mean

Penetration testing is a key step in avoiding mobile app hacks. Here are best practices to ensure apps have been properly tested against security...

Most usable tools for iOS penetration testing. Contribute to ansjdnakjdnajkd/iOS development by creating an account on GitHub.

Tool to decompile & extract Android Dex bytecode from Vdex files - anestisb/vdexExtractor

IDA debugging plugin for android armv7 so. Contribute to zhkl0228/AndroidAttacher development by creating an account on GitHub.

Great iOS Jailbreak Material! - I read hundreds of papers and PPTs. Only list the most useful materials here! - GitHub - zhengmin1989/GreatiOSJailbreakMaterial: Great iOS Jailbreak Material! - I ...

Everything seems to match specifications but the app does not work? Discover Burp Proxy — one of the best ways of debugging HTTP(S) traffic! Neither source code access nor development skills are…

An android application which exploits sieve through android components. - tanprathan/sievePWN

As an active security researcher with immense professional expertise in application security, Jason Haddix joins us to explain the common attack vectors that...

This talk will dive into commonly overlooked mobile vulnerability areas that will benefit bug bounty participants. The Android Inter Process Communication (IPC) model will be explained, and how IPC implementation flaws could allow non rooted devices to gain…

Intercepting HTTPS traffic is a necessity with any mobile security assessment. By adding a custom CA to Android, this can easily be done. As of Android Nougat, however, apps don’t trust clien…

Hace tiempo que tengo guardado este artículo para publicarlo en un momento especial, hoy lo hago como punto de partida de un grupo de amigos...