Advanced Android Bug Bounty skills - Ben Actis, Bugcrowd's LevelUp 2017
Вставка
- Опубліковано 30 чер 2024
- This talk will dive into commonly overlooked mobile vulnerability areas that will benefit bug bounty participants. The Android Inter Process Communication (IPC) model will be explained, and how IPC implementation flaws could allow non rooted devices to gain code execution within an app. Additionally, the talk will dive into a few ways how individuals with web application hacking skills can dive into the mobile bug bounty domain: embedded javascript within the app, javascript enabled activities, and authentication/authorization techniques.
Have questions? Ask on the Bugcrowd forum: bgcd.co/2upISev
Join Bugcrowd today: bgcd.co/2up2fUH - Наука та технологія
01:59 amateur hour mistakes 03:50 external storage 05:14 check manifest, grep 07:39 iNotify 09:55 proguard 13:30 logcat 18:14 webview 23:30 IPC
minute 32:30 - > you mean Drozer right?
Where are the slides??
Hello, you can find the slides here: docs.google.com/presentation/d/1SqZhtxqCypVEsOcQXzG2FYDof-7RvY2GA5j1EawfVdM
9:32 is it just me, or, did he say Directory Transversal (not traversal) issue? then went on to say Dozer. Does he even know what he's speaking?
🤣
Lol
Sir I need full hacking course for free 😭😭😭