
Android-AppSec

If you enjoy what I do, please support me Buy Me Ko-fi! https://ko-fi.com/h0tak88r

Last updated 16 hours ago

  1. Learned Web Pentesting

  2. Learned JAVA basics and OOP

    1. -> Arabic Course

    2. -> Arabic Course

  3. Learned Android App Development

    1. -> Arabic Course (I was focusing on Java, so I didn't study the Kotlin part)

    2. -> Arabic Course

    3. -> English Course

  4. Learned Android App Pentesting basics

    1. -> Arabic Course

  5. Dive in Android App Hacking World

Android Security Awesome

This section contains materials on the security of Android applications, including various articles, studies, analysis tools and useful libraries to ensure the security of applications.

Analysis Tools

This block is divided into several parts. First come the general-purpose tools for analyzing applications and searching for vulnerabilities. Some of them overlap with the iOS tools, because a few are universal frameworks.

Next are the tools used for dynamic analysis, which requires running the application on a real device or an emulator.

Last are the online tools, to which you can upload the application file and get the result after a while.

General

References

Dynamic analysis

References

Online analyzers

References

Vulnerable Applications

Various vulnerable applications on which you can practice analysis and see what kinds of security problems exist.

References

Articles

This is the largest section of all. It contains articles on various topics related to Android security. Russian-language materials and articles that use Frida are collected separately.

Ru

References

En

References

Frida

Others

  • Dynamic Analysis of Inside Android Cloning Apps

  • Tik-Tok App Analysis

  • Exploiting Android Messengers with WebRTC

- free and open-source platform to analyze Android applications

- print the key, key size, algorithm parameters, keystore password in logcat

- Defeat Java packers via Frida instrumentation

- Security checks for release assemblies

- This is a cheatsheet to install tools required for iOS and Android application pentesting

Pithus
(github)
CuckooDroid 2.0 - Automated Android Malware Analysis
Quark-engine - An Obfuscation-Neglect Android Malware Scoring System
QARK – Quick Android Review Kit
ProxyDroid
ADB Toolkit
InjectFakeSecurityProvider
MEDUSA
diffuse
ApkDiff
GDA(GJoy Dex Analyzer)
APKProxyHelper
APKLab
RASE - Persistent Rooting Android Studio Emulator
EdXposed Framework
fridroid-unpacker
CheckKarlMarx
parserDex
Androguard
Amandroid – A Static Analysis Framework
Androwarn – Yet Another Static Code Analyzer
APK Analyzer – Static and Virtual Analysis Tool
APK Inspector – A Powerful GUI Tool
Droid Hunter – Android application vulnerability analysis and Android pentest tool
Error Prone – Static Analysis Tool
Findbugs – Find Bugs in Java Programs
Find Security Bugs – A SpotBugs plugin for security audits of Java web applications.
Flow Droid – Static Data Flow Tracker
Smali/Baksmali – Assembler/Disassembler for the dex format
Smali-CFGs – Smali Control Flow Graphs
SPARTA – Static Program Analysis for Reliable Trusted Apps
Thresher – To check heap reachability properties
Vector Attack Scanner – To search vulnerable points to attack
Gradle Static Analysis Plugin
Android Check – Static Code Analysis plugin for Android Project
APK Leaks – Scanning APK file for URIs, endpoints & secrets
fridax
MOBEXLER
Generate Malformed QRCodes
Tool for Injecting Malicious Payloads Into Barcodes
AFL - american fuzzy lop
Setup for iOS and Android Application Analysis
AES Killer (Burpsuite Plugin)
ReFlutter
Lief
Mobile Verification Toolkit
Stingray
Adhrit - Android Security Suite for in-depth reconnaissance and static bytecode analysis based on Ghera benchmarks
Android Hooker - Opensource project for Dynamic Analysis of Android Applications
AppAudit - Online tool (including an API) that uses dynamic and static analysis
AppAudit - A bare-metal analysis tool on Android devices
DroidBox - Dynamic Analysis of Android Applications
Droid-FF - Android File Fuzzing Framework
Drozer
Marvin - Analyses Android applications and allow tracking of an app
Inspeckage
PATDroid - Collection of tools and data structures for Android applications
AndroL4b - Android security virtual machine on ubuntu-mate
Radare2 - Unix-like reverse engineering framework and commandline tools
Cutter - Free and Open Source RE Platform Powered by radare2
ByteCodeViewer - Android APK Reverse Engineering Suite (Decompiler, Editor, Debugger)
Mobile-Security-Framework MobSF
Runtime Mobile Security (RMS) - a powerful web interface that helps you manipulate Android and iOS Apps at Runtime
Android APK Decompiler
Ostorlab
Quixxi
Visual Threat
Allsafe
InsecureShop
OWASP: OMTG-Hacking-Playground
Damn Insecure and Vulnerable App (DIVA)
Damn-Vulnerable-Bank
InjuredAndroid
Damn Vulnerable Hybrid Mobile App (DVHMA)
ExploitMe labs by SecurityCompass
InsecureBankV2
Sieve (Vulnerable ‘Password Manager’ app)
sievePWN
Android Labs
Digitalbank
Dodo vulnerable bank
Oracle android app
Urdu vulnerability app
MOshZuk
File
Appknox
Vuln app
Damn Vulnerable FirefoxOS Application
Android Security Sandbox
OVAA (Oversecured Vulnerable Android App)
SecurityShepherd
OWASP-mstg
Purposefully Insecure and Vulnerable Android Application (PIVAA)
Sieve app
Vulnerable Android Application
Android - Security
VulnDroid
FridaLab
Santoku Linux - Mobile Security VM
Vuldroid
DamnVulnerableCryptoApp
Development of Android security mechanisms (from version to version)
Security of mobile OAuth 2.0
Android Task Hijacking. We analyze the actual technique of replacing applications in Android
Checked with PVS-Studio Android source codes, or no one is perfect
Replace Runtime Permissions in Android
How root rights and alternative firmware make your Android smartphone vulnerable
Drozer, emulator and elven crutches
Tiktok data acquisition Frida tutorial, Frida Java Hook detailed explanation: code and example. Part 1
Tiktok data acquisition Frida tutorial, Frida Java Hook detailed explanation: code and example. Part 2
Frida. 11x256's Reverse Engineering blog
Blog about Frida. grepharder blog
Frida Scripting Guide
Android Hacking with FRIDA
How to hook Android Native methods with Frida (Noob Friendly)
Frida scripting guide for Java
Reverse Engineering Nike Run Club Android App Used Frida
Pentesting Android Apps Using Frida
Android Root Detection Bypass Using Objection and Frida Scripts
Mobile Pentesting With Frida
How to use FRIDA to bruteforce Secure Startup with FDE-encryption on a Samsung G935F Android running 8
Decrypting Mobile App using AES Killer and Frida
How Learning to Use Frida with Unity App
Beginning Frida: Learning Frida use on Linux and (just a bit on) Wintel and Android systems with Python and JavaScript (Frida. hooking, and other tools)
Selection of disclosures from HackerOne
Detailed instructions for setting up the working environment
Android Security Workshop
OWASP Top 10: Static Analysis of Android Application & Tools Used
Android security checklist: WebView
Use cryptography in mobile apps the right way
Why dynamic code loading could be dangerous for your apps: a Google example
Arbitrary code execution on Facebook for Android through download feature
Android Webview Exploited
Android: Gaining access to arbitrary* Content Providers
Exploiting memory corruption vulnerabilities on Android
Two weeks of securing Samsung devices: Part 1
Two weeks of securing Samsung devices: Part 2
Evernote: Universal-XSS, theft of all cookies from all sites, and more
Interception of Android implicit intents
TikTok: three persistent arbitrary code executions and one theft of arbitrary files
Oversecured automatically discovers persistent code execution in the Google Play Core Library
Persistent arbitrary code execution in Android's Google Play Core Library: details, explanation and the PoC - CVE-2020-8913
Android: Access to app protected components
Android: arbitrary code execution via third-party package contexts
24,000 Android apps expose user data via Firebase blunders
The Wolf is Back - Android malware modification
Modern Security in Android. Part 1
Modern Security in Android. Part 2
Modern Security in Android. Part 3
Android IPC: Part 1 – Introduction
Android IPC: Part 2 – Binder and Service Manager Perspective
StrandHogg 2
Towards Discovering and Understanding Task Hijacking in Android
Aarogya Setu spyware analysis
Playing Around With The Fuchsia Operating System Security
Intercepting traffic from Android Flutter applications
SafetyNet's dreaded hardware attestation
Tiltoning in Android 11
Snapchat detection on Android
Reversing an Android app Protector, Part 1 – Code Obfuscation & RASP
Reversing an Android app Protector, Part 2 – Assets and Code Encryption
Reversing an Android app Protector, Part 3 – Code Virtualization
Structured fuzzing Android's NFC
MMS Exploit Part 1: Introduction to the Samsung Qmage Codec and Remote Attack Surface
DJI ANDROID GO 4 APPLICATION SECURITY ANALYSIS
B3nac - Android application
Part 1
Part 2
TikTok: Logs, Logs, Logs
TikTok: What is an app log?
TikTok: The disinformation is everywhere
Part 1
Part 2
Part 3
Android Pentesting Labs - Step by Step Guide for
An Android Hacking Primer
Secure an Android Device
Security tips
OWASP Mobile Security Testing Guide
Security Testing for Android Cross Platform Application
Dive deep in Android Application Security
Mobile Security Testing Guide
Mobile Application Penetration Testing Cheat Sheet
Android Applications Reversing 101
Android Security Guidelines
Android WebView Vulnerabilities
OWASP Mobile Top 10
Practical Android Phone Forensics
Mobile Reverse Engineering Unleashed
Quark-engine - An Obfuscation-Neglect Android Malware Scoring System
Root Detection Bypass By Manual Code Manipulation.
GEOST BOTNET - the discovery of a new Android banking trojan
Magisk Systemless Root - Detection and Remediation
AndrODet: An adaptive Android obfuscation detector
Hands On Mobile API Security
Zero to Hero - Mobile Application Testing - Android Platform
Android Malware Adventures
AAPG - Android application testing guide
Bypassing Android Anti-Emulation
Bypassing Xamarin Certificate Pinning
Configuring Burp Suite With Android Nougat
Inspecting Android HTTP with a fake VPN
Outlook for Android XSS
Universal XSS in Android WebView
Mobile Blackhat Asia 2020
Lockscreen and Authentication Improvements in Android 11
Firefox: How a website could steal all of your cookies
Exploiting a Single Instruction Race Condition in Binder
An iOS hacker tries Android
Hack crypto secrets from heap memory to exploit Android application
A Special Attack Surface of the Android System (1): Evil Dialog Box
Launching Internal & Non-Exported Deeplinks On Facebook
Reverse Engineering Flutter for Android
Persistant Arbitrary code execution in mass android
Common mistakes when using permissions in Android
The art of exploiting UAF by Ret2bpf in Android kernel
Re route Your Intent for Privilege Escalation (A Universal Way to Exploit Android Pending Intents in High profile and System Apps)
A Deep Dive in Privacy Dashboard of Top Android Vendors
Android Component Security | The Four Horsemen
Android Application Testing Using Windows 11 and Windows Subsystem for Android
Android Awesome Security
Forensic guide to iMessage, WhatsApp, Telegram, Signal and Skype data acquisition
Malware Uses Corporate MDM as attack vector
Mobexler Checklist
Ad Fraud Spotted in Barcode Reader Malware Analysis
Researching Confide Messenger Encryption
Reverse Engineering Snapchat (Part I): Obfuscation Techniques
Reverse Engineering Snapchat (Part II): Deobfuscating the Undeobfuscatable
Firebase Cloud Messaging Service Takeover
Saying Goodbye to My Favorite 5 Minute P1
Reverse engineering Flutter apps (Part 1)
How I Hacked Facebook Again!
Instagram_RCE: Code Execution Vulnerability in Instagram App for Android and iOS
How to Use Ghidra to Reverse Engineer Mobile Application
React Native Application Static Analysis
Pentesting Non-Proxy Aware Mobile Applications Without Root/Jailbreak
2 Click Remote Code execution in Evernote Android
Android 13 deep dive: Every change up to DP2, documented
Lazy Programmers
OOP (omarAhmed)
lazyProgrammers
Android App Java Tutorials
freeCodeCamp
Android Application Pen-testing Course
Guide to Android Application Bug Bounty
Android App Hacking - Black Belt Edition
Hack-Tricks
Frida for Beginners
overSecuredBlog
elcapitano-blog
Android-Security-Teryaagh/00-Roadmap/Android-Security-Roadmap.pdf at main · Ralireza/Android-Security-Teryaagh (GitHub)