Blogs & Writeups
OWASP Mobile Top 10 2016
Top mobile security risks
Mindmap
A comprehensive Checklist for Android Bug Bounty
OWASP Mobile Security Testing Guide
Comprehensive testing guide
Android Applications Reversing 101
Beginner's guide to Android reversing
Detect secret leaks in Android apps
Online detection tool
Android Security Guidelines
Box's security guidelines
Attacking Broadcast Receivers
Android security part 18
Android WebView Vulnerabilities
Common WebView issues
Android APK Recon Setup
Setup and tips for recon
WebView addJavascriptInterface RCE
Remote code execution via WebView
Install PlayStore on Emulator
Guide for emulator setup
Android Bug Bounty Tips
Targeting mobile apps
Access to Protected Components
Oversecured blog post
Arbitrary Code Execution
Via third-party package contexts
Interception of Implicit Intents
Android security issue
Evernote Vulnerabilities
Universal XSS and cookie theft
Gaining Access to Content Providers
Android security issue
@vaishalinagori112 on Medium
@prasadraj954 on Medium
B3nacโs Android Reports and Resources
Oversecured Blog
CorSecure Blog
Frida Official Documentation
SecurityBreached (Babayaga47)
DeeSee's Android Security Resources
Hacker101: Mobile Crash Course
Mobisec Slides
Bypassing Certificate Pinning (vavkamil)
Android Hacking Primer
OWASP Mobile Top Ten 2023 โ fi5t
Android SMS Stealer โ Max Kersten
Hacking SMS API via Static Analysis โ Security Breached
Bug Bounty Hunting Tips (Mobile Apps โ Android Edition)
Getting Started in Android Pentesting
Exploiting Insecure Firebase DB
Finding Leaked AWS Creds in Android Apps
200+ Bounty Payouts: SQLi in Content Providers
8 Ways to Bypass SSL Pinning in iOS
Last updated