Finding Hidden Threats: How I Found Leaked AWS Credentials in an Android App API Using DAST |
|
|
|
20 Security Issues Found in Xiaomi Devices |
|
|
|
BlackBerry MDM Has Some Authentication Flaws |
|
|
|
Unsecured Content Provider leads to Account Takeover |
|
|
|
Element Android CVE-2024-26131, CVE-2024-26132 - Never Take Intents From Strangers |
|
|
|
How did we find the same vulnerability in 9 Android Apps |
|
|
|
Hacking a Smart Home Device |
|
|
|
Hacking into a Toyota/Eicher Motors insurance company by exploiting their premium calculator website |
|
|
|
Introducing MavenGate: a supply chain attack method for Java and Android applications |
|
|
|
Android-based PAX POS vulnerabilities (Part 1) |
|
|
|
How I Helped Indonesian Startup Company to Prevent Millions of PII Data Leaks |
|
|
|
Genie Aladdin Connect Retrofit Garage Door Opener: Multiple Vulnerabilities |
|
|
|
The ART of Chaining Vulnerabilities |
|
|
|
Hunting for Android Privilege Escalation with a 32 Line Fuzzer |
|
|
|
One Scheme to Rule Them All: OAuth Account Takeover |
|
|
|
Securing our home labs: Home Assistant code review |
|
|
|
You Are Not Where You Think You Are, Opera Browsers Address Bar Spoofing Vulnerabilities |
|
|
|
Uncovering a Critical Vulnerability in Samsung Mobile Security: A Bug Bounty Journey |
|
|
|
Insecure Authentication Tokens leading to Account Takeover |
|
|
|
Bypassing Hardened Android Applications |
|
|
|
“Please do not make it public” - Vulnerabilities in Sogou Keyboard encryption expose keypresses to network eavesdropping |
|
|
|
Access of Android protected components via embedded intent | Android App Pentesting |
|
|
|
Huawei Theme Manager Arbitrary Code Execution |
|
|
|
How i was able to get Account Takeover via Insecure Data Storage and WebView With Exported Activity |
|
|
|
How I get 1000$ bounty for Discovering Account Takeover in Android Application |
|
|
|