- 70
- 237 258
Android AppSec
India
Приєднався 13 сер 2017
We (@hpAndro and @_RaviRamesh) spend a lot of time attacking android app hacking, breaking encryption, finding business logic flaws, penetration testing, and looking for sensitive data stored insecurely.
We do it for the right reasons - to help developers make their apps more secure. The best way to verify that your app follows secure mobile development best practices is to perform security assessments of the app, which can include automated mobile app security testing, fuzzing, manual penetration testing, and more. This application represents some of the knowledge we share with the infosec community. We are trying to build vulnerable applications based on OWASP Mobile Security Testing Guide.
🚩 CTF Link : ctf.hpandro.raviramesh.info
🟦 Facebook Page: hpAndro1337
🔷Twitter handle : hpandro1337
We do it for the right reasons - to help developers make their apps more secure. The best way to verify that your app follows secure mobile development best practices is to perform security assessments of the app, which can include automated mobile app security testing, fuzzing, manual penetration testing, and more. This application represents some of the knowledge we share with the infosec community. We are trying to build vulnerable applications based on OWASP Mobile Security Testing Guide.
🚩 CTF Link : ctf.hpandro.raviramesh.info
🟦 Facebook Page: hpAndro1337
🔷Twitter handle : hpandro1337
Runtime Debugging Native Android Shared library (.so) file using IDA Pro
🚩 CTF Link: ctf.hpandro.raviramesh.info
♚ All applications: github.com/RavikumarRamesh/hpAndro1337
🔊 UA-cam Channel: ua-cam.com/users/AndroidAppSec
🟦 Facebook Page: hpAndro1337
🔷Twitter handle: hpandro1337
============================================
how #runtime #debugging a #nativelibrary can help in identifying the application's logic and #bypassing it using #IDA Pro
nsconclave.net-square.com/debugging-android's-native-library.html
By :
0ninaik
ps_doom
♚ All applications: github.com/RavikumarRamesh/hpAndro1337
🔊 UA-cam Channel: ua-cam.com/users/AndroidAppSec
🟦 Facebook Page: hpAndro1337
🔷Twitter handle: hpandro1337
============================================
how #runtime #debugging a #nativelibrary can help in identifying the application's logic and #bypassing it using #IDA Pro
nsconclave.net-square.com/debugging-android's-native-library.html
By :
0ninaik
ps_doom
Переглядів: 16 233
Відео
Android Studio Emulator (AVD) Rooting with Magisk using rootAVD
Переглядів 52 тис.3 роки тому
🚩 CTF Link: ctf.hpandro.raviramesh.info ♚ All applications :github.com/RavikumarRamesh/hpAndro1337 🔊 UA-cam Channel: ua-cam.com/users/AndroidAppSec 🟦 Facebook Page: hpAndro1337 🔷Twitter handle: hpandro1337 Android Studio #Emulator (#AVD) Rooting with #Magisk using #rootAVD github.com/newbit1/rootAVD forum.xda-developers.com/m/newbit.1350876/ avicoder.me/2021/09/02/Root-...
SSAID or ANDROID_ID validation Bypass using Dalvik bytecode Patch - hpAndro Vulnerable Application
Переглядів 2,2 тис.3 роки тому
🚩 CTF Link: ctf.hpandro.raviramesh.info ♚ All applications on Playstore: play.google.com/store/apps/dev?id=7722940558815307513 ♛ Consolidate challenges app: play.google.com/store/apps/details?id=com.hpandro.androidsecurity 🔊 UA-cam Channel: ua-cam.com/users/AndroidAppSec 🟦 Facebook Page: hpAndro1337 🔷Twitter handle: hpandro1337 #SSAID or #ANDROID_ID validation #Bypass u...
GPS Location Spoofing - hpAndro Vulnerable Application Challenge
Переглядів 5913 роки тому
🚩 CTF Link: ctf.hpandro.raviramesh.info ♚ All applications on Playstore: play.google.com/store/apps/dev?id=7722940558815307513 ♛ Consolidate challenges app: play.google.com/store/apps/details?id=com.hpandro.androidsecurity 🔊 UA-cam Channel: ua-cam.com/users/AndroidAppSec 🟦 Facebook Page: hpAndro1337 🔷Twitter handle: hpandro1337 #GPS Location Spoofing #Location #spoofing...
Hardcoded Secret in Native Library (.so files) - hpAndro Vulnerable Application Challenge
Переглядів 1,1 тис.3 роки тому
🚩 CTF Link : ctf.hpandro.raviramesh.info ♚ All application on Playstore: play.google.com/store/apps/dev?id=7722940558815307513 ♛ Consolidate challenges app: play.google.com/store/apps/details?id=com.hpandro.androidsecurity 🔊 UA-cam Channel: ua-cam.com/users/AndroidAppSec 🟦 Facebook Page: hpAndro1337 🔷Twitter handle : hpandro1337 Hardcoded Secret in Native Library 00:00 ...
RPATH - run-time search path hard-coded in native library - hpAndro Vulnerable Application Challenge
Переглядів 5793 роки тому
🚩 CTF Link : ctf.hpandro.raviramesh.info ♚ All application on Playstore: play.google.com/store/apps/dev?id=7722940558815307513 ♛ Consolidate challenges app: play.google.com/store/apps/details?id=com.hpandro.androidsecurity 🔊 UA-cam Channel: ua-cam.com/users/AndroidAppSec 🟦 Facebook Page: hpAndro1337 🔷Twitter handle : hpandro1337 RPATH CWE-426: Untrusted Search Path cwe....
Checking Memory for Sensitive Data (Memory Flag) - hpAndro Vulnerable Application Challenge
Переглядів 9053 роки тому
🚩 CTF Link : ctf.hpandro.raviramesh.info ♚ All application on Playstore: play.google.com/store/apps/dev?id=7722940558815307513 ♛ Consolidate challenges app: play.google.com/store/apps/details?id=com.hpandro.androidsecurity 🔊 UA-cam Channel: ua-cam.com/users/AndroidAppSec 🟦 Facebook Page: hpAndro1337 🔷Twitter handle : hpandro1337 Process Memory Flag mobile-security.gitbo...
XML External Entity [XXE] - hpAndro Vulnerable Application Challenge
Переглядів 6233 роки тому
🚩 CTF Link : ctf.hpandro.raviramesh.info ♚ All application on Playstore: play.google.com/store/apps/dev?id=7722940558815307513 ♛ Consolidate challenges app: play.google.com/store/apps/details?id=com.hpandro.androidsecurity 🔊 UA-cam Channel: ua-cam.com/users/AndroidAppSec 🟦 Facebook Page: hpAndro1337 🔷Twitter handle : hpandro1337 #XXE #XML eXternal #Entity injection (XXE...
XPath Injection - hpAndro Vulnerable Application Challenge
Переглядів 8603 роки тому
🚩 CTF Link : ctf.hpandro.raviramesh.info ♚ All application on Playstore: play.google.com/store/apps/dev?id=7722940558815307513 ♛ Consolidate challenges app: play.google.com/store/apps/details?id=com.hpandro.androidsecurity 🔊 UA-cam Channel: ua-cam.com/users/AndroidAppSec 🟦 Facebook Page: hpAndro1337 🔷Twitter handle : hpandro1337 #XPath Injection Similar to SQL Injection...
User Password Enumeration - hpAndro Vulnerable Application Challenge
Переглядів 3613 роки тому
🚩 CTF Link : ctf.hpandro.raviramesh.info ♚ All application on Playstore: play.google.com/store/apps/dev?id=7722940558815307513 ♛ Consolidate challenges app: play.google.com/store/apps/details?id=com.hpandro.androidsecurity 🔊 UA-cam Channel: ua-cam.com/users/AndroidAppSec 🟦 Facebook Page: hpAndro1337 🔷Twitter handle : hpandro1337 Insecure direct object references (#IDOR)...
Server Side Request Forgery [SSRF] - hpAndro Vulnerable Application Challenge
Переглядів 4543 роки тому
🚩 CTF Link : ctf.hpandro.raviramesh.info ♚ All application on Playstore: play.google.com/store/apps/dev?id=7722940558815307513 ♛ Consolidate challenges app: play.google.com/store/apps/details?id=com.hpandro.androidsecurity 🔊 UA-cam Channel: ua-cam.com/users/AndroidAppSec 🟦 Facebook Page: hpAndro1337 🔷Twitter handle : hpandro1337 #SSRF - Server-Side Request #Forgery Web ...
Server Fingerprinting - hpAndro Vulnerable Application Challenge
Переглядів 2323 роки тому
🚩 CTF Link : ctf.hpandro.raviramesh.info ♚ All application on Playstore: play.google.com/store/apps/dev?id=7722940558815307513 ♛ Consolidate challenges app: play.google.com/store/apps/details?id=com.hpandro.androidsecurity 🔊 UA-cam Channel: ua-cam.com/users/AndroidAppSec 🟦 Facebook Page: hpAndro1337 🔷Twitter handle : hpandro1337 Fingerprint Web Server Web #server #finge...
Remote File Inclusion [RFI] - hpAndro Vulnerable Application Challenge
Переглядів 4773 роки тому
🚩 CTF Link : ctf.hpandro.raviramesh.info ♚ All application on Playstore: play.google.com/store/apps/dev?id=7722940558815307513 ♛ Consolidate challenges app: play.google.com/store/apps/details?id=com.hpandro.androidsecurity 🔊 UA-cam Channel: ua-cam.com/users/AndroidAppSec 🟦 Facebook Page: hpAndro1337 🔷Twitter handle : hpandro1337 #RFI / #LFI The #File #Inclusion vulnerab...
REST API HTTP Methods - hpAndro Vulnerable Application Challenge
Переглядів 2243 роки тому
🚩 CTF Link : ctf.hpandro.raviramesh.info ♚ All application on Playstore: play.google.com/store/apps/dev?id=7722940558815307513 ♛ Consolidate challenges app: play.google.com/store/apps/details?id=com.hpandro.androidsecurity 🔊 UA-cam Channel: ua-cam.com/users/AndroidAppSec 🟦 Facebook Page: hpAndro1337 🔷Twitter handle : hpandro1337 Test #HTTP #Methods HTTP offers a number ...
Unrestricted File Upload - hpAndro Vulnerable Application Challenge
Переглядів 3913 роки тому
🚩 CTF Link : ctf.hpandro.raviramesh.info ♚ All application on Playstore: play.google.com/store/apps/dev?id=7722940558815307513 ♛ Consolidate challenges app: play.google.com/store/apps/details?id=com.hpandro.androidsecurity 🔊 UA-cam Channel: ua-cam.com/users/AndroidAppSec 🟦 Facebook Page: hpAndro1337 🔷Twitter handle : hpandro1337 #Unrestricted File #Upload Uploaded files...
Server Side Template Injection [SSTI] - hpAndro Vulnerable Application Challenge
Переглядів 3383 роки тому
Server Side Template Injection [SSTI] - hpAndro Vulnerable Application Challenge
S3 Bucket Misconfiguration - hpAndro Vulnerable Application Challenge
Переглядів 2503 роки тому
S3 Bucket Misconfiguration - hpAndro Vulnerable Application Challenge
RIA Cross Domain Policy - hpAndro Vulnerable Application Challenge
Переглядів 9923 роки тому
RIA Cross Domain Policy - hpAndro Vulnerable Application Challenge
Review Comment and Meta Data - hpAndro Vulnerable Application Challenge
Переглядів 1153 роки тому
Review Comment and Meta Data - hpAndro Vulnerable Application Challenge
OTP Bruteforce - hpAndro Vulnerable Application Challenge
Переглядів 6 тис.3 роки тому
OTP Bruteforce - hpAndro Vulnerable Application Challenge
Old Backup Files - hpAndro Vulnerable Application Challenge
Переглядів 3153 роки тому
Old Backup Files - hpAndro Vulnerable Application Challenge
Login Bypass Cookie Manipulation - hpAndro Vulnerable Application Challenge
Переглядів 8583 роки тому
Login Bypass Cookie Manipulation - hpAndro Vulnerable Application Challenge
JWT Misconfiguration - hpAndro Vulnerable Application Challenge
Переглядів 2813 роки тому
JWT Misconfiguration - hpAndro Vulnerable Application Challenge
JSON to XXE Blind - hpAndro Vulnerable Application Challenge
Переглядів 5443 роки тому
JSON to XXE Blind - hpAndro Vulnerable Application Challenge
JavaScript Info Leak - hpAndro Vulnerable Application Challenge
Переглядів 2313 роки тому
JavaScript Info Leak - hpAndro Vulnerable Application Challenge
Insecure Direct Object References [IDOR] - hpAndro Vulnerable Application Challenge
Переглядів 2863 роки тому
Insecure Direct Object References [IDOR] - hpAndro Vulnerable Application Challenge
Encoding & Hashing - hpAndro Vulnerable Application Challenge
Переглядів 2693 роки тому
Encoding & Hashing - hpAndro Vulnerable Application Challenge
Default Credential - hpAndro Vulnerable Application Challenge
Переглядів 1763 роки тому
Default Credential - hpAndro Vulnerable Application Challenge
Client Side Validation Bypass - hpAndro Vulnerable Application Challenge
Переглядів 3043 роки тому
Client Side Validation Bypass - hpAndro Vulnerable Application Challenge
Ninjutsu Android Penetration Testing Environment - MEmu based emulator
Переглядів 2,3 тис.3 роки тому
Ninjutsu Android Penetration Testing Environment - MEmu based emulator