Android Spyware Alert! Fake government app targeting Android users in India!
https://labs.k7computing.com/index.php/android-spyware-alert-fake-government-app-targeting-android-users-in-india/
https://labs.k7computing.com/index.php/android-spyware-alert-fake-government-app-targeting-android-users-in-india/
K7 Labs
Android Spyware Alert! Fake government app targeting Android users in India!
Recently, we came across a detection in our telemetry report named “PM KISAN YOJNA”, masquerading as the official government application […]
🌚4🤪2❤1😁1
Transform Your Old Smartphone into a Pocket Cyberdeck with Kali NetHunter
Tutorial on how to 3D-print a minimalist palmtop-style case for Google Pixel 3 XL and install NetHunter on it with custom kernel
https://www.mobile-hacker.com/2025/06/06/transform-your-old-smartphone-into-a-pocket-cyberdeck-with-kali-nethunter/
Tutorial on how to 3D-print a minimalist palmtop-style case for Google Pixel 3 XL and install NetHunter on it with custom kernel
https://www.mobile-hacker.com/2025/06/06/transform-your-old-smartphone-into-a-pocket-cyberdeck-with-kali-nethunter/
Mobile Hacker
Transform Your Old Smartphone into a Pocket Cyberdeck with Kali NetHunter
This setup serves as a convenient alternative to carrying a full-sized laptop or struggling with a smartphone’s virtual keyboard for complex technical tasks. It offers comfortable typing and an efficient portability.
👍11🌚2👎1😁1
DroidGround: Elevate your Android CTF Challenges
https://thelicato.medium.com/droidground-elevate-your-android-ctf-challenges-69a5c479965e
https://thelicato.medium.com/droidground-elevate-your-android-ctf-challenges-69a5c479965e
Medium
DroidGround: Elevate your Android CTF Challenges
Ever felt that Android CTF challenges are too focused on reverse engineering, leaving out the thrill of real-world exploitation? I did too…
🌚5❤2
Android In-The-Wild: Unexpectedly Excavating a Kernel Exploit
https://www.youtube.com/watch?v=lnK1iACJ3-c
https://www.youtube.com/watch?v=lnK1iACJ3-c
YouTube
OffensiveCon25 - Seth Jenkins - Android In-The-Wild: Unexpectedly Excavating a Kernel Exploit
https://www.offensivecon.org/speakers/2025/seth-jenkins.html
❤10🌚1
BrutDroid — Android Security Toolkit that automates tedious emulator setup with one command (emulator, Magisk, Frida, Burp certificates, etc.)
https://github.com/Brut-Security/BrutDroid/
https://github.com/Brut-Security/BrutDroid/
👍17🌚2
Android lock screen data leak (Awarded $500)
Due to a lock screen race its possible to leak interactive app contents since app launches show on the lock screen temporarily
https://ndevtk.github.io/writeups/2025/06/06/android-leak/
Due to a lock screen race its possible to leak interactive app contents since app launches show on the lock screen temporarily
https://ndevtk.github.io/writeups/2025/06/06/android-leak/
Writeups
Android lock screen data leak (Awarded $500)
Due to a lock screen race its possible to leak interactive app contents since app launches show on the lock screen temporarily.
🌚12🗿4❤2
Over 20 Crypto Phishing Applications Found on the Play Store Stealing Mnemonic Phrases
https://cyble.com/blog/crypto-phishing-applications-on-the-play-store/
https://cyble.com/blog/crypto-phishing-applications-on-the-play-store/
Cyble
Crypto Phishing Applications On The Play Store
CRIL discovers over 20 malicious apps targeting crypto wallet users with phishing tactics and Play Store distribution under compromised developer accounts.
🌚7❤2👍1😁1💔1
Locating Smartphones Using Seeker: How a Simple Link Can Reveal Your Smartphone’s Location
https://www.mobile-hacker.com/2025/06/10/seeker-how-a-simple-link-can-reveal-your-smartphones-location/
https://www.mobile-hacker.com/2025/06/10/seeker-how-a-simple-link-can-reveal-your-smartphones-location/
❤17🥱7🔥3🤯2🌚2👍1
Bruteforcing the phone number of any Google user
https://brutecat.com/articles/leaking-google-phones
https://brutecat.com/articles/leaking-google-phones
brutecat.com
Leaking the phone number of any Google user
From rate limits to no limits: How IPv6's massive address space and a crafty botguard bypass left every Google user's phone number vulnerable
👍17👏2🌚2😁1
Media is too big
VIEW IN TELEGRAM
Can your phone be tracked without installing any malicious app?
Yes. In my post, I'll show how a simple link can reveal your smartphone’s location, demonstrate what a targeted user sees, how easy it is to set it up and how to prevent it
https://www.mobile-hacker.com/2025/06/10/seeker-how-a-simple-link-can-reveal-your-smartphones-location/
Yes. In my post, I'll show how a simple link can reveal your smartphone’s location, demonstrate what a targeted user sees, how easy it is to set it up and how to prevent it
https://www.mobile-hacker.com/2025/06/10/seeker-how-a-simple-link-can-reveal-your-smartphones-location/
👍25🤣24❤5💩2🌚2🗿2😁1🥱1
Stryker - Android pentesting app with premium access now free until 2050!
Scan networks, launch exploits, and test web apps—all from your phone
Bonus: includes a list of suggested WiFi adapters and SimpleUSB tool for identifying USB devices on the go
https://www.mobile-hacker.com/2025/06/12/stryker-app-goes-free-the-ultimate-mobile-pentesting-toolkit/
Scan networks, launch exploits, and test web apps—all from your phone
Bonus: includes a list of suggested WiFi adapters and SimpleUSB tool for identifying USB devices on the go
https://www.mobile-hacker.com/2025/06/12/stryker-app-goes-free-the-ultimate-mobile-pentesting-toolkit/
👍26🔥11❤9👎1
First Forensic Confirmation of Paragon’s iOS Mercenary Spyware Finds Journalists Targeted via iMessage zero-click exploit (CVE-2025-43200)
https://citizenlab.ca/2025/06/first-forensic-confirmation-of-paragons-ios-mercenary-spyware-finds-journalists-targeted/
https://citizenlab.ca/2025/06/first-forensic-confirmation-of-paragons-ios-mercenary-spyware-finds-journalists-targeted/
The Citizen Lab
Graphite Caught
On April 29, 2025, a select group of iOS users were notified by Apple that they were targeted with advanced spyware. Among the group were two journalists who consented to the technical analysis of their cases. In this report, we discuss key findings from…
🌚12👍2👎1😁1
Media is too big
VIEW IN TELEGRAM
The Stryker app is now FREE!
Packed with tools for Wi-Fi auditing, network scanning, and more — all from your Android device
👉I tested all of its features: https://www.mobile-hacker.com/2025/06/12/stryker-app-goes-free-the-ultimate-mobile-pentesting-toolkit
Packed with tools for Wi-Fi auditing, network scanning, and more — all from your Android device
👉I tested all of its features: https://www.mobile-hacker.com/2025/06/12/stryker-app-goes-free-the-ultimate-mobile-pentesting-toolkit
❤19👍5🔥3
How to use ADB & fastboot in Termux without root
You can use non-rooted Android to unlock bootloader, run ADB commands, remove bloatware, flash ROM, or even root another Android
https://www.mobile-hacker.com/2025/06/16/how-to-run-adb-and-fastboot-on-a-non-rooted-android-smartphone-using-termux/
You can use non-rooted Android to unlock bootloader, run ADB commands, remove bloatware, flash ROM, or even root another Android
https://www.mobile-hacker.com/2025/06/16/how-to-run-adb-and-fastboot-on-a-non-rooted-android-smartphone-using-termux/
❤37👍1
Media is too big
VIEW IN TELEGRAM
How to fix Metasploit in Stryker
Metasploit stuck on init? Yoro from the Stryker community shared a noscript to fix it
noscript: https://www.mobile-hacker.com/2025/06/12/stryker-app-goes-free-the-ultimate-mobile-pentesting-toolkit/
Metasploit stuck on init? Yoro from the Stryker community shared a noscript to fix it
noscript: https://www.mobile-hacker.com/2025/06/12/stryker-app-goes-free-the-ultimate-mobile-pentesting-toolkit/
👏11👍1
Exploiting Unsanitized URL Handling and SQL Injection through Deep Links in iOS App: Write-up of Flipcoin Lab
https://infosecwriteups.com/exploiting-unsanitized-url-handling-sql-injection-via-deep-links-in-ios-app-write-up-of-flipcoin-066899b09fc2
https://infosecwriteups.com/exploiting-unsanitized-url-handling-sql-injection-via-deep-links-in-ios-app-write-up-of-flipcoin-066899b09fc2
Medium
Exploiting Unsanitized URL Handling and SQL Injection through Deep Links in iOS App: Write-up of Flipcoin Lab
Breaking Down Data Exfiltration via Unsanitized External URL Handling and SQL Injection through Deep Links
🌚10🤮6🔥3👍1