Reverse Engineering Snapchat (Part II): Deobfuscating the Undeobfuscatable 2020-06-22

A Collection of Android Pentest Learning Materials - jdonsec/AllThingsAndroid

In October 2019 Amnesty International published a first report on the use of spyware produced by Israeli company NSO Group against Moroccan human rights defenders Maati Monjib and Abdessadak El Bouchattaoui. Through our continued investigation, Amnesty International’s…

I had always wanted to learn how to reverse engineer Android apps. There were people out there who knew how to navigate and modify the internals of an APK file and I wasn’t one of them. This had to be changed but it took a long time for that to happen. In…

This corresponds to the reverse engineering of the malware we unpacked in Part 1. Please also see the video at SecSea 2k20.

I recently discovered a large campaign of HiddenAds on the Google Play Store, spreading via gaming apps. The initial discovery was made through an apklab.io automated detection that was based on similar features of a previous HiddenAds campaign that was present…

Whether you’re a pentester looking to gain some experience in mobile hacking or a developer aiming to build secure apps, familiarizing yourself with some of the common security mistakes developers …

ESET researchers dissect an Android app that masquerades as an official COVID-19 contact-tracing app and encrypts files on the victim's device.

France’s COVID-19 tracing app has been downloaded and activated 1.8m times on Android and iOS since launch on 2 June... but then uninstalled 460,000 times.

Background

If you are a TikTok user, you should be worried—here's what you need to know.

SN Applied Sciences - In this paper, a malware classification model has been proposed for detecting malware samples in the Android environment. The proposed model is based on converting some files...

Compiling a custom Samsung Android Kernel, and living to tell the tale. Many security enthusiasts and sysadmins are familiar with the process in which one custom compiles a Linux Kernel and th…

In this blog I will be describing the pre-requesty steps I followed for one of the android application penetration testing

Hiding root access in Magisk is about to become a whole lot harder to do thanks to a recent change in SafetyNet bringing hardware attestation.

Read about the privacy changes in Android 11 and learn how to support them in your apps.

HTTP Toolkit includes built-in automatic setup and advanced support for Android, so you can debug and modify any HTTP(S) traffic in seconds.

Clipboard access notification inspired by iOS 14. Contribute to ubuntuegor/ClipboardToast development by creating an account on GitHub.

On Android 10 and earlier, apps could query the full list of installed apps on the system using methods like queryIntentActivities. In…

The Cybereason Nocturnus team is investigating a new campaign involving FakeSpy, an Android mobile malware used to steal SMS messages, send SMS messages, steal financial data, read account information and contact lists, steal application data, and do much…