Click on the hashtags. If the note doesn't show up, just type the hashtag in the chat. Else, the note got vanished
#afwall
#alternatives
#altfrontends
#amp
#apk
#aurora
#backup
#blockadstrackers
#bounty
#classroom
#cleaningcrap
#cloud
#cloudflare
#datacollection
#debloat
#deezer
#delete
#deodex
#disablecaptiveportal
#disablecomponents
#disablegoogle
#discord
#dns
#dnscrypt
#dontask
#e
#exodus
#facebook
#fakegapps
#faq
#fdroid
#fennec
#findyourphone
#gcam
#gmail_signin_error
#googlefi
#googletakeout
#gpslock
#graphene
#grapheneos
#gratisapps
#guide
#ipsum
#librechair
#lineagemicrog
#location
#logs
#madaidan
#magicgapps
#magisk
#mailalias
#manjaro
#microg
#mixplorer
#netoff
#news
#nitrokey
#notes
#nothingtohide
#osm
#ot
#playgames
#playpaid
#problems
#pushnotifications
#qpatch
#rh01
#riot
#safetynet
#satstat
#searchengines
#shelter
#signal
#signaturespoofing
#sigspoof
#smalipatcher
#spite
#sync
#tgclients
#todolists
#tor
#torfud
#uber
#uncensorISP
#unlppatch
#untracklinks
#vanced
#vpn
#wear
#wiki
#windows
#wireguard
#withoutgoogle
#xiaomi
#afwall
#alternatives
#altfrontends
#amp
#apk
#aurora
#backup
#blockadstrackers
#bounty
#classroom
#cleaningcrap
#cloud
#cloudflare
#datacollection
#debloat
#deezer
#delete
#deodex
#disablecaptiveportal
#disablecomponents
#disablegoogle
#discord
#dns
#dnscrypt
#dontask
#e
#exodus
#fakegapps
#faq
#fdroid
#fennec
#findyourphone
#gcam
#gmail_signin_error
#googlefi
#googletakeout
#gpslock
#graphene
#grapheneos
#gratisapps
#guide
#ipsum
#librechair
#lineagemicrog
#location
#logs
#madaidan
#magicgapps
#magisk
#mailalias
#manjaro
#microg
#mixplorer
#netoff
#news
#nitrokey
#notes
#nothingtohide
#osm
#ot
#playgames
#playpaid
#problems
#pushnotifications
#qpatch
#rh01
#riot
#safetynet
#satstat
#searchengines
#shelter
#signal
#signaturespoofing
#sigspoof
#smalipatcher
#spite
#sync
#tgclients
#todolists
#tor
#torfud
#uber
#uncensorISP
#unlppatch
#untracklinks
#vanced
#vpn
#wear
#wiki
#windows
#wireguard
#withoutgoogle
#xiaomi
Forwarded from Privacy Matters π‘οΈ
Top 8 steps to improve your privacy ||Guide
πΉ Watch it via:
YouTube || Invidious
π‘ @howtobeprivateonline
#Guide #Privacy
This video covers 8 starting steps to improve your online privacy in a chronological order of importance and effectiveness.
πΉ Watch it via:
YouTube || Invidious
π‘ @howtobeprivateonline
#Guide #Privacy
Media is too big
VIEW IN TELEGRAM
Become Anonymous: The Ultimate Guide To Privacy, Security, & Anonymity 2020
by Techlore
https://www.youtube.com/watch?v=a1i-3xwcSGA
Resources:
https://github.com/techlore-official/channel-content/blob/master/Resources/BA2020sources.md
LBRY.tv: https://lbry.tv/@techlore:3
https://techlore.tech
@techloreofficial
#privacy #security #guide
by Techlore
https://www.youtube.com/watch?v=a1i-3xwcSGA
Resources:
https://github.com/techlore-official/channel-content/blob/master/Resources/BA2020sources.md
LBRY.tv: https://lbry.tv/@techlore:3
https://techlore.tech
@techloreofficial
#privacy #security #guide
Forwarded from BlackBox (Security) Archiv
The Digital First Aid Kit!
The Digital First Aid Kit is a free resource to help rapid responders, digital security trainers, and tech-savvy activists to better protect themselves and the communities they support against the most common types of digital emergencies. It can also be used by activists, human rights defenders, bloggers, journalists or media activists who want to learn more about how they can protect themselves and support others. If you or someone you are assisting is experiencing a digital emergency, the Digital First Aid Kit will guide you in diagnosing the issues you are facing, and refer you to support providers for further help if needed.
π ππΌ https://digitalfirstaid.org/en/index.html
π ππΌ Digital Security Helpline
https://www.accessnow.org/help/
#data #digital #firstaid #security #help #toolkit #guide #thinkabout
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@NoGoolag
The Digital First Aid Kit is a free resource to help rapid responders, digital security trainers, and tech-savvy activists to better protect themselves and the communities they support against the most common types of digital emergencies. It can also be used by activists, human rights defenders, bloggers, journalists or media activists who want to learn more about how they can protect themselves and support others. If you or someone you are assisting is experiencing a digital emergency, the Digital First Aid Kit will guide you in diagnosing the issues you are facing, and refer you to support providers for further help if needed.
π ππΌ https://digitalfirstaid.org/en/index.html
π ππΌ Digital Security Helpline
https://www.accessnow.org/help/
#data #digital #firstaid #security #help #toolkit #guide #thinkabout
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@NoGoolag
Forwarded from BlackBox (Security) Archiv
Locking down Signal
Concerned about the privacy and security of your communications? Follow our guide to locking down Signal.
The encrypted messaging app, Signal, is quickly becoming a newsroom staple for communicating with sources, accepting tips, talking to colleagues, and for regular old voice calls and messages. While itβs a practical tool for anyone concerned with the security and privacy of their conversations, people working in newsrooms are particularly interesting targets, and should benefit from locking down Signal.
π‘ (If youβre not yet using it, learn how to get started here.)
Signal makes it easy to have a secure conversation without thinking about it. On its face, it looks and feels identical to your default text messaging app, but security experts so often recommend it because of what it does in the background.
First, Signal offers end-to-end encryption, meaning only conversational participants can read the messages. While regular phone calls or text messages allow your phone company to unscramble your conversations, even the team behind Signal canβt listen to them. You donβt need to take their word for it. Signal is open source, meaning the code is available for anyone to review. This also makes security audits simpler for independent specialists, who have torn apart the code and published findings that everything works as intended. Finally, Signal retains nearly no metadata β information about who spoke to whom, and when. (The developers proved as much in court.)
These are some of the advantages you want in an encrypted messaging app.
Because newsrooms can attract a lot of attention, journalists who already use Signal should consider hardening it against physical access, as well as unwanted remote access and network-based eavesdropping. So letβs talk about how.
π ππΌ https://freedom.press/training/locking-down-signal/
#signal #encrypted #messaging #app #guide
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@NoGoolag
Concerned about the privacy and security of your communications? Follow our guide to locking down Signal.
The encrypted messaging app, Signal, is quickly becoming a newsroom staple for communicating with sources, accepting tips, talking to colleagues, and for regular old voice calls and messages. While itβs a practical tool for anyone concerned with the security and privacy of their conversations, people working in newsrooms are particularly interesting targets, and should benefit from locking down Signal.
π‘ (If youβre not yet using it, learn how to get started here.)
Signal makes it easy to have a secure conversation without thinking about it. On its face, it looks and feels identical to your default text messaging app, but security experts so often recommend it because of what it does in the background.
First, Signal offers end-to-end encryption, meaning only conversational participants can read the messages. While regular phone calls or text messages allow your phone company to unscramble your conversations, even the team behind Signal canβt listen to them. You donβt need to take their word for it. Signal is open source, meaning the code is available for anyone to review. This also makes security audits simpler for independent specialists, who have torn apart the code and published findings that everything works as intended. Finally, Signal retains nearly no metadata β information about who spoke to whom, and when. (The developers proved as much in court.)
These are some of the advantages you want in an encrypted messaging app.
Because newsrooms can attract a lot of attention, journalists who already use Signal should consider hardening it against physical access, as well as unwanted remote access and network-based eavesdropping. So letβs talk about how.
π ππΌ https://freedom.press/training/locking-down-signal/
#signal #encrypted #messaging #app #guide
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@NoGoolag
Freedom of the Press
Signal, the secure messaging app: A guide for beginners
How to get started using Signal, the encrypted messaging app.
Forwarded from BlackBox (Security) Archiv
Step-by-step guides and detailed information on secure messaging apps for Android, iOS, Windows, Mac and Linux.
π‘ Apps are listed in order of:
β β = "Highly Recommended"
β = "Worth a Try"
β= "Not Recommended"
π ππΌ https://securechatguide.org/centralizedapps.html
#secure #chat #messaging #apps #android #iOS #windows #mac #linux #guide
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@NoGoolag
π‘ Apps are listed in order of:
β β = "Highly Recommended"
β = "Worth a Try"
β= "Not Recommended"
π ππΌ https://securechatguide.org/centralizedapps.html
#secure #chat #messaging #apps #android #iOS #windows #mac #linux #guide
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@NoGoolag
Forwarded from BlackBox (Security) Archiv
Protect your information from physical threats
π‘ ππΌ Table of Contents ππΌ
π ππΌ What you can learn from this guide
π ππΌ Assessing your risks
π ππΌ Creating your physical security policy
π ππΌ Protecting your information from physical intruders
π ππΌ Software and settings related to physical security
π ππΌ Maintaining a healthy environment for your equipment
π ππΌ Further reading
π‘ π ππΌ https://securityinabox.org/en/guide/physical/
#security #physical #information #guide
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@NoGoolag
π‘ ππΌ Table of Contents ππΌ
π ππΌ What you can learn from this guide
π ππΌ Assessing your risks
π ππΌ Creating your physical security policy
π ππΌ Protecting your information from physical intruders
π ππΌ Software and settings related to physical security
π ππΌ Maintaining a healthy environment for your equipment
π ππΌ Further reading
π‘ π ππΌ https://securityinabox.org/en/guide/physical/
#security #physical #information #guide
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@NoGoolag
securityinabox.org
Protect against physical threats
Forwarded from BlackBox (Security) Archiv
How to Secure Anything
Security engineering is the discipline of building secure systems.
Its lessons are not just applicable to computer security. In fact, in this repo, I aim to document a process for securing anything, whether it's a medieval castle, an art museum, or a computer network.
π‘What is security engineering?
Security engineering isn't about adding a bunch of controls to something.
It's about coming up with security properties you'd like a system to have, choosing mechanisms that enforce these properties, and assuring yourself that your security properties hold.
π ππΌ https://github.com/veeral-patel/how-to-secure-anything
#howto #guide #security #secure #anything
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@NoGoolag
Security engineering is the discipline of building secure systems.
Its lessons are not just applicable to computer security. In fact, in this repo, I aim to document a process for securing anything, whether it's a medieval castle, an art museum, or a computer network.
π‘What is security engineering?
Security engineering isn't about adding a bunch of controls to something.
It's about coming up with security properties you'd like a system to have, choosing mechanisms that enforce these properties, and assuring yourself that your security properties hold.
π ππΌ https://github.com/veeral-patel/how-to-secure-anything
#howto #guide #security #secure #anything
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@NoGoolag
GitHub
GitHub - veeral-patel/how-to-secure-anything: How to systematically secure anything: a repository about security engineering
How to systematically secure anything: a repository about security engineering - veeral-patel/how-to-secure-anything
Forwarded from Privacy Matters π‘οΈ
How to use Whonix | TOR Tutorial Part 2
πΉ Watch it via:
YouTube || Invidious || BitChute
β’ Part 1 of TOR series: HERE
β’ Download Whonix: HERE
π‘ @howtobeprivateonline
#TOR #Guide #Privacy #OS
Whonix is the safest way to be online and surf the web. Learn how to be anonymous and private with Tor Tutorial Part 2.
πΉ Watch it via:
YouTube || Invidious || BitChute
β’ Part 1 of TOR series: HERE
β’ Download Whonix: HERE
π‘ @howtobeprivateonline
#TOR #Guide #Privacy #OS
Forwarded from BlackBox (Security) Archiv
Media is too big
VIEW IN TELEGRAM
How to compile Windows Server 2003 - and compile Windows XP, (part 1)
From source code to ISO. Sit back, relax, and witness the miracle of creating a new build of Windows :)
Just to be clear from the start: As of now, there is NO way to completely compile Windows from the Source code, as it lacks some stuff... However, this is pretty close.
π ππΌ https://nitter.net/NTDEV_/
https://invidious.snopyta.org/watch?v=bO0daYbti5g
π ππΌ Compiling Windows XP, part 1
https://invidious.snopyta.org/watch?v=8IyW-bwGQTQ
#windows #compiling #sourcecode #leak #video #guide
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@NoGoolag
From source code to ISO. Sit back, relax, and witness the miracle of creating a new build of Windows :)
Just to be clear from the start: As of now, there is NO way to completely compile Windows from the Source code, as it lacks some stuff... However, this is pretty close.
π ππΌ https://nitter.net/NTDEV_/
https://invidious.snopyta.org/watch?v=bO0daYbti5g
π ππΌ Compiling Windows XP, part 1
https://invidious.snopyta.org/watch?v=8IyW-bwGQTQ
#windows #compiling #sourcecode #leak #video #guide
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@NoGoolag
Forwarded from BlackBox (Security) Archiv
Awful AI
Awful AI is a curated list to track current scary usages of AI - hoping to raise awareness to its misuses in society
Artificial intelligence in its current state is unfair, easily susceptible to attacks and notoriously difficult to control. Often, AI systems and predictions amplify existing systematic biases even when the data is balanced. Nevertheless, more and more concerning the uses of AI technology are appearing in the wild. This list aims to track all of them. We hope that Awful AI can be a platform to spur discussion for the development of possible preventive technology (to fight back!).
β‘οΈ Discrimination
β‘οΈ Influencing, disinformation, and fakes
β‘οΈ Surveillance
β‘οΈ Social credit systems
β‘οΈ Misleading platforms, and scams
β‘οΈ Autonomous weapon systems and military
β‘οΈ Awful research
π ππΌ https://github.com/daviddao/awful-ai
#awful #ai #answers #guide #tool #thinkabout
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@NoGoolag
Awful AI is a curated list to track current scary usages of AI - hoping to raise awareness to its misuses in society
Artificial intelligence in its current state is unfair, easily susceptible to attacks and notoriously difficult to control. Often, AI systems and predictions amplify existing systematic biases even when the data is balanced. Nevertheless, more and more concerning the uses of AI technology are appearing in the wild. This list aims to track all of them. We hope that Awful AI can be a platform to spur discussion for the development of possible preventive technology (to fight back!).
β‘οΈ Discrimination
β‘οΈ Influencing, disinformation, and fakes
β‘οΈ Surveillance
β‘οΈ Social credit systems
β‘οΈ Misleading platforms, and scams
β‘οΈ Autonomous weapon systems and military
β‘οΈ Awful research
π ππΌ https://github.com/daviddao/awful-ai
#awful #ai #answers #guide #tool #thinkabout
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@NoGoolag
GitHub
GitHub - daviddao/awful-ai: πAwful AI is a curated list to track current scary usages of AI - hoping to raise awareness
πAwful AI is a curated list to track current scary usages of AI - hoping to raise awareness - daviddao/awful-ai
Forwarded from Privacy Matters π‘οΈ
All the ways your Phone tracks your location.
πΉ Watch it via:
YouTube || Invidious
π‘ @howtobeprivateonline
#Surveillance #Location #Privacy #Guide
Your phone (Android or iPhone) is tracking your location even if you disable Location Services, turn on airplane mode, and disable Bluetooth. Learn how to stop it once and for all.
πΉ Watch it via:
YouTube || Invidious
π‘ @howtobeprivateonline
#Surveillance #Location #Privacy #Guide
Forwarded from Privacy Matters π‘οΈ
Media is too big
VIEW IN TELEGRAM
How to use Tor on your phone
πΉ Watch it via:
YouTube || Invidious
π Get TOR for:
β’ Android via: Website || F-Droid || Play Store
β’ iOS via: Apple Store
π‘ @howtobeprivateonline
#TOR #Privacy #Guide #Browser #VPN
In this anonymity tutorial, you'll learn how to use Tor on your phone - both Tor Browser and Orbot on Android, and Onion Browser on iOS.
πΉ Watch it via:
YouTube || Invidious
π Get TOR for:
β’ Android via: Website || F-Droid || Play Store
β’ iOS via: Apple Store
π‘ @howtobeprivateonline
#TOR #Privacy #Guide #Browser #VPN
Forwarded from BlackBox (Security) Archiv
Forensic guide to iMessage, WhatsApp, Telegram, Signal and Skype data acquisition
Instant messaging apps have become the de-facto standard of real-time, text-based communications. The acquisition of instant messaging chats and communication histories can be extremely important for an investigation. In this article, we compare the five top instant messaging apps for iOS in the context of their forensic analysis.
Acquisition and Extraction
Speaking of iOS, there are several methods to acquiring communications going through an instant messaging app. The MITM (man-in-the-middle) attack is practically out of the question for most modern instant messaging apps; if there are exceptions, we arenβt aware of those. Even on Android devices, a MITM attack would require installing a third-party SSL certificate, and even that may not work for some instant messengers.
The ability to obtain communication histories from the vendor is a great tool in the hands of the law enforcement. The policies of different vendors vary greatly from near-instant full disclosure to flat non-disclosure with stops in between. Weβll discuss it in detail for each of the messaging apps.
Cloud extraction may be possible from several sources, which include iCloud synchronized data (including end-to-end encrypted data), iCloud backups and stand-alone backups in iCloud Drive. Itβs up to the vendor to decide where and how to store the data; more on that later.
Finally, the data can be extracted from the iPhone device itself. For some messaging apps, logical extraction via iTunes-style backups is enough, while some other messengers donβt store anything in local backups. Imaging the file system (and, in some cases, decrypting the keychain) is always enough to gain full access to conversation histories.
So let us see the different extraction options available for the five top instant messaging apps for iOS.
https://blog.elcomsoft.com/2020/04/forensic-guide-to-imessage-whatsapp-telegram-signal-and-skype-data-acquisition/
#forensic #guide #imessage #whatsapp #telegram #signal #skype
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@NoGoolag
π‘@BlackBox
Instant messaging apps have become the de-facto standard of real-time, text-based communications. The acquisition of instant messaging chats and communication histories can be extremely important for an investigation. In this article, we compare the five top instant messaging apps for iOS in the context of their forensic analysis.
Acquisition and Extraction
Speaking of iOS, there are several methods to acquiring communications going through an instant messaging app. The MITM (man-in-the-middle) attack is practically out of the question for most modern instant messaging apps; if there are exceptions, we arenβt aware of those. Even on Android devices, a MITM attack would require installing a third-party SSL certificate, and even that may not work for some instant messengers.
The ability to obtain communication histories from the vendor is a great tool in the hands of the law enforcement. The policies of different vendors vary greatly from near-instant full disclosure to flat non-disclosure with stops in between. Weβll discuss it in detail for each of the messaging apps.
Cloud extraction may be possible from several sources, which include iCloud synchronized data (including end-to-end encrypted data), iCloud backups and stand-alone backups in iCloud Drive. Itβs up to the vendor to decide where and how to store the data; more on that later.
Finally, the data can be extracted from the iPhone device itself. For some messaging apps, logical extraction via iTunes-style backups is enough, while some other messengers donβt store anything in local backups. Imaging the file system (and, in some cases, decrypting the keychain) is always enough to gain full access to conversation histories.
So let us see the different extraction options available for the five top instant messaging apps for iOS.
https://blog.elcomsoft.com/2020/04/forensic-guide-to-imessage-whatsapp-telegram-signal-and-skype-data-acquisition/
#forensic #guide #imessage #whatsapp #telegram #signal #skype
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@NoGoolag
π‘@BlackBox
ElcomSoft blog
Forensic guide to iMessage, WhatsApp, Telegram, Signal and Skype data acquisition
Instant messaging apps have become the de-facto standard of real-time, text-based communications. The acquisition of instant messaging chats and communication histories can be extremely important for an investigation. In this article, we compare the fiveβ¦
Madaidan's Linux Hardening Guide
https://madaidans-insecurities.github.io/guides/linux-hardening.html
#madaidan #Linux #Hardening #Guide
https://madaidans-insecurities.github.io/guides/linux-hardening.html
#madaidan #Linux #Hardening #Guide
Media is too big
VIEW IN TELEGRAM
Welcome to Go Incognito, your guide to security, privacy & anonymity in our world. From digital protection, to physical safety, Go Incognito will cover all you need to advance through your privacy journey.
Topics include FOSS, metadata, password management, permissions, two-factor authentication, search engines, browser configuration, proxies, VPNs, antiviruses, encryption, communication, Tor, operating systems, cryptocurrencies, networking, activism, and so much more.
https://techlore.tech/goincognito.html
Watch it on:
https://tube.privacytools.io/accounts/techlore/video-channels
https://techlore.tech/assets/GoIncognito.torrent
https://www.youtube.com/watch?v=Y19RFmOxfVM
Text and link sources:
https://github.com/techlore-official/go-incognito
π‘ @techloreofficial
π₯ @techloregroup
#guide #goincognito #privacy #anonymity #security #techlore
Topics include FOSS, metadata, password management, permissions, two-factor authentication, search engines, browser configuration, proxies, VPNs, antiviruses, encryption, communication, Tor, operating systems, cryptocurrencies, networking, activism, and so much more.
https://techlore.tech/goincognito.html
Watch it on:
https://tube.privacytools.io/accounts/techlore/video-channels
https://techlore.tech/assets/GoIncognito.torrent
https://www.youtube.com/watch?v=Y19RFmOxfVM
Text and link sources:
https://github.com/techlore-official/go-incognito
π‘ @techloreofficial
π₯ @techloregroup
#guide #goincognito #privacy #anonymity #security #techlore
Forwarded from BlackBox (Security) Archiv
Setup for testing Android app vulnerabilities
In the previous article I documented my approach for reverse engineering an Android game. But getting my hands on the code is only one part of security research. Once a potential issue is identified, I need to verify that it is actually exploitable. So there is no way around messing with an actual live app. Ideally that has to happen in a controlled environment with emulated hardware. As before, this is mostly me writing things down for my future self, but it might come useful for other people as well.
π‘ Contents
β Choosing a virtualization approach
β Setting up Android SDK
β Minimal proof of concept Android app
β Adding debugging output to the target application
https://palant.info/2021/02/22/setup-for-testing-android-app-vulnerabilities/
#setup #testing #android #app #vulnerabilities #guide
π‘@cRyPtHoN_INFOSEC_FR
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_DE
π‘@BlackBox_Archiv
π‘@NoGoolag
In the previous article I documented my approach for reverse engineering an Android game. But getting my hands on the code is only one part of security research. Once a potential issue is identified, I need to verify that it is actually exploitable. So there is no way around messing with an actual live app. Ideally that has to happen in a controlled environment with emulated hardware. As before, this is mostly me writing things down for my future self, but it might come useful for other people as well.
π‘ Contents
β Choosing a virtualization approach
β Setting up Android SDK
β Minimal proof of concept Android app
β Adding debugging output to the target application
https://palant.info/2021/02/22/setup-for-testing-android-app-vulnerabilities/
#setup #testing #android #app #vulnerabilities #guide
π‘@cRyPtHoN_INFOSEC_FR
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_DE
π‘@BlackBox_Archiv
π‘@NoGoolag
Almost Secure
Setup for testing Android app vulnerabilities
Documenting my setup: Android emulator, minimal Android app and instrumenting the target app via Soot to get debugging info.
Forwarded from BlackBox (Security) Archiv
How to turn off the ANDROID TRACKING SERVICES [ROOT required]
Let's start:
ππΌ Download Termux from Google Playstore and install and open it.
Install Packages:
https://drive.google.com/drive/folders/1_G6-M8ToF0PsjY0HIrZIAVrTHT6nbptE
π‘ (Please always use the latest version)
ππΌ Unpack to ππΌ /sdcard and then enter the following command...:
ππΌ Then enter:
tsu
After that, just reboot your device and the job is done.
#root #android #tracking #services #guide
π‘@cRyPtHoN_INFOSEC_FR
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_DE
π‘@BlackBox_Archiv
π‘@NoGoolag
Let's start:
ππΌ Download Termux from Google Playstore and install and open it.
Install Packages:
pkg install aapt jq tsu curl -y( Asks for root privileges, allow this βοΈππ½)
cd /data/data/com.termux/files/usr/binππΌ Download the script from here:
cp -R aapt /system/xbin/aapt
cp -R jq /system/xbin/jq
cp -R curl /system/xbin/curl
chmod +x /system/xbin/aapt
chmod +x /system/xbin/jq
chmod +x /system/xbin/curl
https://drive.google.com/drive/folders/1_G6-M8ToF0PsjY0HIrZIAVrTHT6nbptE
π‘ (Please always use the latest version)
ππΌ Unpack to ππΌ /sdcard and then enter the following command...:
termux-setup-storage
(grant permission)ππΌ Then enter:
cd /sdcard(with root) ππ½
tsu
bash DisableTrackers.sh sys
(Add βοΈ)After that, just reboot your device and the job is done.
#root #android #tracking #services #guide
π‘@cRyPtHoN_INFOSEC_FR
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_DE
π‘@BlackBox_Archiv
π‘@NoGoolag