| Laravel debug mode left on at Zouikwatzeggen.nl leaks admin credentials & potentially submitted reports of improper behaviour at Amsterdam University Medical Centers |
|
|
|
| One mistake, Three bugs: Comprehensive android pentesting. |
|
|
|
| Leveraging Android Permissions: A Solver Approach |
|
|
|
| The Old, The New and The Bypass - One-click/Open-redirect to own Samsung S22 at Pwn2Own 2022 |
|
|
|
| 2FA Bypass Using Custom Cookie Parameter |
|
|
|
| Hacking Chess.com: My Journey to Unlock Premium Bots on the Android App |
|
|
|
| Testing a new encrypted messaging app's extraordinary claims |
|
|
|
| The Fuzzing Guide to the Galaxy: An Attempt with Android System Services |
|
|
|
| Steal authentication token with one-click on misconfigured WebView. |
|
|
|
| How to avoid the aCropalypse |
|
|
|
| Attacking Android Antivirus Applications |
|
|
|
| Exploiting aCropalypse: Recovering Truncated PNGs |
|
|
|
| How I Leak Other’s Access Token by Exploiting Evil Deeplink Flaw |
|
|
|
| Protecting Android clipboard content from unintended exposure |
|
|
|
| The code that wasn’t there: Reading memory on an Android device by accident |
|
|
|
| Access Twitter blue features using deeplink without a subscription. |
|
|
|
| Found an URL in the android application source code which lead to an IDOR |
|
|
|
| Reversing UK mobile rail tickets |
|
|
|
| How I Found My First Bug in Android App |
|
|
|
| Technical Advisory – Multiple Vulnerabilities in the Galaxy App Store (CVE-2023-21433, CVE-2023-21434) |
|
|
|
| Instagram vulnerability : Turn off all type of message requests using deeplink (Android) |
|
|
|
| 0 click Facebook Account Takeover and Two-Factor Authentication Bypass |
|
|
|
| Public Report – VPN by Google One Security Assessment |
|
|
|
| Manipulating AES Traffic using a Chain of Proxies and Hardcoded Keys |
|
|
|
| Multiple Vulnerabilities found in Airtel Android Application |
|
|
|
writeups.xyz
/
Android