ARTful: A library for dynamically modifying the Android Runtime
https://github.com/LaurieWired/ARTful
https://github.com/LaurieWired/ARTful
GitHub
GitHub - LaurieWired/ARTful: The ARTful library for dynamically modifying the Android Runtime
The ARTful library for dynamically modifying the Android Runtime - LaurieWired/ARTful
🔥11👍5❤4
Katalina - new tool that executes Android byte code, enabling to deobfuscate strings in Android malware
It’s written in Python and emulates each individual bytecode instruction that was used back in the day for Android
https://github.com/huuck/Katalina
https://www.humansecurity.com/tech-engineering-blog/katalina-an-open-source-android-string-deobfuscator
It’s written in Python and emulates each individual bytecode instruction that was used back in the day for Android
https://github.com/huuck/Katalina
https://www.humansecurity.com/tech-engineering-blog/katalina-an-open-source-android-string-deobfuscator
GitHub
GitHub - huuck/Katalina: Katalina is like Unicorn but for Dalvik bytecode. It provides an environment that can execute Android…
Katalina is like Unicorn but for Dalvik bytecode. It provides an environment that can execute Android bytecode one instruction at a time. - huuck/Katalina
🔥16👍10❤3
PoC how to trigger Remote Code Execution in Over-the-Air attack targeting Google Pixel 6
Victim perspective: Connect to attacker's fake base station -> receive call -> PWND!
Demo: https://youtu.be/R-XXpG_mZZI
Slides: https://i.blackhat.com/BH-US-23/Presentations/US-23-Karimi-Over-the-Air-Under-the-Radar.pdf
Victim perspective: Connect to attacker's fake base station -> receive call -> PWND!
Demo: https://youtu.be/R-XXpG_mZZI
Slides: https://i.blackhat.com/BH-US-23/Presentations/US-23-Karimi-Over-the-Air-Under-the-Radar.pdf
YouTube
Android Red Team: Over the Air, Under the Radar. Attacking and Securing the Pixel Modem
😱14👍4🔥2
Android Data Encryption in depth
https://blog.quarkslab.com/android-data-encryption-in-depth.html
https://blog.quarkslab.com/android-data-encryption-in-depth.html
Quarkslab
Android Data Encryption in depth - Quarkslab's blog
Join us in our journey into modern Android's Data Encryption at rest, in which we study how it works and assess how resistant it is against attackers having access to a range of high end software vulnerabilities.
👍13
NetHunter Hacker VII: Wi-Fi compatibility check and setup on Android
https://www.mobile-hacker.com/2023/08/15/nethunter-hacker-vii-wi-fi-compatibility-check-and-setup-on-android/
https://www.mobile-hacker.com/2023/08/15/nethunter-hacker-vii-wi-fi-compatibility-check-and-setup-on-android/
Mobile Hacker
NetHunter Hacker VII: Wi-Fi compatibility check and setup on Android Mobile Hacker
If you are interested in Wi-Fi hacking using NetHunter, you need to have a supported Wi-Fi adapter by your system that can supports various wireless modes and features. In this blogpost, we will explain what the different types of Wi-Fi adapters are, how…
👍14❤2🤔1
Mobile Malware Analysis Part 1 – Leveraging Accessibility Features To Steal Crypto Wallet
https://8ksec.io/mobile-malware-analysis-part-1-crypto-wallet-stealer/
https://8ksec.io/mobile-malware-analysis-part-1-crypto-wallet-stealer/
👍14
Forwarded from The Bug Bounty Hunter
Making Chrome more secure by bringing Key Pinning to Android
http://security.googleblog.com/2023/08/making-chrome-more-secure-by-bringing.html
http://security.googleblog.com/2023/08/making-chrome-more-secure-by-bringing.html
Google Online Security Blog
Making Chrome more secure by bringing Key Pinning to Android
Posted by David Adrian, Joe DeBlasio and Carlos Joan Rafael Ibarra Lopez, Chrome Security Chrome 106 added support for enforcing key pins...
👍9❤3👏1🤔1
Over 3,000 Android Malware Samples Using Multiple Techniques to Bypass Detection
https://www.zimperium.com/blog/over-3000-android-malware-samples-using-multiple-techniques-to-bypass-detection/
https://www.zimperium.com/blog/over-3000-android-malware-samples-using-multiple-techniques-to-bypass-detection/
Zimperium
Unsupported Compression Methods Enable Android Malware to Bypass Detection
true
👍16🤔3
Unmasking – EVLF DEV - The Creator of Android CypherRAT and CraxsRAT
https://www.cyfirma.com/outofband/unmasking-evlf-dev-the-creator-of-cypherrat-and-craxsrat/
https://www.cyfirma.com/outofband/unmasking-evlf-dev-the-creator-of-cypherrat-and-craxsrat/
CYFIRMA
Unmasking - EVLF DEV-The Creator of CypherRAT and CraxsRAT - CYFIRMA
EXECUTIVE SUMMARY The CYFIRMA research team has discovered a new Malware-as-a-service (MaaS) operator that goes by the moniker EVLF DEV....
👍19👏2
Content Providers and the potential weak spots they can have
https://blog.oversecured.com/Content-Providers-and-the-potential-weak-spots-they-can-have/
https://blog.oversecured.com/Content-Providers-and-the-potential-weak-spots-they-can-have/
News, Techniques & Guides
Content Providers and the potential weak spots they can have
Before we jump into the details, we want to stress how important it is to keep your users' data safe.
👍16
NetHunter Hacker VIII: Wi-Fi hacking using wifite, deauthentication and wardriving
https://www.mobile-hacker.com/2023/08/29/nethunter-hacker-viii-wi-fi-hacking-using-wifite-deauthentication-and-wardriving/
https://www.mobile-hacker.com/2023/08/29/nethunter-hacker-viii-wi-fi-hacking-using-wifite-deauthentication-and-wardriving/
Mobile Hacker
NetHunter Hacker VIII: Wi-Fi hacking using wifite, deauthentication and wardriving Mobile Hacker
This blog will provide you with information on the several techniques and tools used to attack Wi-Fi networks using NetHunter app. We'll talk about the various tools such as the wifite, shed light on the deauthentication attack technique, and explore the…
👍18❤5🤔4
Technical Analysis of Multi-layered Obfuscation Techniques in AndroidManifest.xml Aimed at Evading Static Analysis
https://www.liansecurity.com/#/main/news/H_NoQIoBE2npFSfF-iQ5/detail
https://www.liansecurity.com/#/main/news/H_NoQIoBE2npFSfF-iQ5/detail
🔥8👍3🤡3💩1💅1
Mobile Malware Analysis Part 2 – MasterFred
https://8ksec.io/mobile-malware-analysis-part-2-masterfred/
https://8ksec.io/mobile-malware-analysis-part-2-masterfred/
👍7❤1
Android Goes All-in on Fuzzing
https://security.googleblog.com/2023/08/android-goes-all-in-on-fuzzing.html
https://security.googleblog.com/2023/08/android-goes-all-in-on-fuzzing.html
Google Online Security Blog
Android Goes All-in on Fuzzing
Posted by Hamzeh Zawawy and Jon Bottarini, Android Security Fuzzing is an effective technique for finding software vulnerabilities. Over ...
👍8
Obfuscating Android Apps with Native Code
The presentation explores writing Android applications in purely native code to obfuscate app flow-of-control
Resources: https://github.com/LaurieWired/AndroidPurelyNative_Troopers23
Presentation: https://youtu.be/wayMcQQZV1U?si=UJ6m_6jogtzcnNBF
The presentation explores writing Android applications in purely native code to obfuscate app flow-of-control
Resources: https://github.com/LaurieWired/AndroidPurelyNative_Troopers23
Presentation: https://youtu.be/wayMcQQZV1U?si=UJ6m_6jogtzcnNBF
GitHub
GitHub - LaurieWired/AndroidPurelyNative_Troopers23: This contains notes and code for my Troopers23 Beyond Java talk
This contains notes and code for my Troopers23 Beyond Java talk - GitHub - LaurieWired/AndroidPurelyNative_Troopers23: This contains notes and code for my Troopers23 Beyond Java talk
🔥8❤1👍1
Trojanized Signal and Telegram apps were discovered on Google Play and Galaxy Store
Patched Signal is the first documented case of spying on a victim’s Signal communications by secretly autolinking the compromised device to attacker’s Signal device
https://www.welivesecurity.com/en/eset-research/badbazaar-espionage-tool-targets-android-users-trojanized-signal-telegram-apps/
Patched Signal is the first documented case of spying on a victim’s Signal communications by secretly autolinking the compromised device to attacker’s Signal device
https://www.welivesecurity.com/en/eset-research/badbazaar-espionage-tool-targets-android-users-trojanized-signal-telegram-apps/
Welivesecurity
BadBazaar espionage tool targets Android users via trojanized Signal and Telegram apps
ESET research uncovers active campaigns linked to the China-aligned APT group known as GREF that distributing espionage code previously targeting Uyghurs.
👍11
Bypassing Hardened Android Application available on the Play Store
-Root Detection Check in Native Java code and in React Native file
-Emulator Check
-Frida Running Check
-SSL Pinning Bypass
https://notsosecure.com/bypassing-hardened-android-applications
-Root Detection Check in Native Java code and in React Native file
-Emulator Check
-Frida Running Check
-SSL Pinning Bypass
https://notsosecure.com/bypassing-hardened-android-applications
NotSoSecure
Bypassing Hardened Android Applications
Recently, we performed a penetration test on an Android application available on the Play Store. The app had good security in place to protect it from being opened and executed on a rooted app. In
👍12
How to port custom build of Kali Nethunter to an unsupported phone (Xiaomi Poco X3 NFC) and compile custom Kernel with support for TP-LINK W722N V2/V3 (RTL8812AU drivers)
https://r0ttenbeef.github.io/Port-Custom-Build-of-Kali-Nethunter-to-an-Unsupported-Phone-Walkthrough/
https://r0ttenbeef.github.io/Port-Custom-Build-of-Kali-Nethunter-to-an-Unsupported-Phone-Walkthrough/
r0ttenbeef.github.io
Port Custom Build of Kali Nethunter to an Unsupported Phone Walkthrough
Cybersecurity Blog
👍8
Infamous Chisel: Detailed analysis of each component associated with Sandworm APT group designed to enable remote access and exfiltrate information from Android phones
https://www.ncsc.gov.uk/static-assets/documents/malware-analysis-reports/infamous-chisel/NCSC-MAR-Infamous-Chisel.pdf
https://www.ncsc.gov.uk/static-assets/documents/malware-analysis-reports/infamous-chisel/NCSC-MAR-Infamous-Chisel.pdf
👍10❤1
Account takeover using PIN brute-force
BillPoint app didn't use brute-force PIN protection, which allowed attacker to gain unauthorized access to any user account simply by knowing their email
https://medium.com/@hackedbyeldee/account-takeover-on-billpoint-co-mobile-app-9cc3aedd92b
BillPoint app didn't use brute-force PIN protection, which allowed attacker to gain unauthorized access to any user account simply by knowing their email
https://medium.com/@hackedbyeldee/account-takeover-on-billpoint-co-mobile-app-9cc3aedd92b
Medium
Account Takeover on Billpoint.co Mobile App
Hello fellow cyber security enthusiasts
🔥19👍6❤1👏1