This is a collection of writeups, cheatsheets, videos, related to Android Pentesting during my learning journey.
This is currently work in progress I will add more resources as I find them.
Created By @jdonsec
- NAHAMSEC - Mobile Hacking
- OWASP - Mobile Security Testing Guide
- Deesee Blog - Android Application Hacking Resources
- Maddie Stone - Android App Reverse Engineering 101
- Hacker101 - Mobile Hacking Crash Course
- MOBISEC - Mobile Systems and Smartphone Security
- Kamil Vavra - How to bypass Android certificate pinning and intercept SSL traffic
- A must follow on medium Vickie Li - An Android Hacking Primer
- Virseccon 2020 - B3nac Android Hacking VirSecCon2020 talk
- Presenters: Joff Thyer and Derek Banks - Android App Penetration Testing 101
- Speaker: Nikita Stupin, Mail.ru - Vulnerabilities of mobile OAuth 2.0
- Bugcrowd Ben Actis LevelUp 2017 - Advanced Android Bug Bounty skills
- B3nac - Youtube Channel
- Sensepost - objection - Runtime Mobile Exploration
- MobSF - Mobile-Security-Framework-MobSF
- APK Downloader -APKPURE
- Matlink - gplaycli is a command line tool to search, install, update Android applications from the Google Play Store.
- ADB Shell - Commands
- Negativewives - A New Way Of Brute force Passcode/Pin Protection By deep link
- Negativewives - Exploitation of Improper Export of Activities In Android Application
- Negativewives - Passcode Protection Bypass By Brute Forcing On zoho (Cliq Application)
- Ivan - Tips for Mobile Bug Bounty Hunting
- Elliot Anderson - Tweeter Mega Thread on Android Security
-Avinash (dedsec69) - IDOR leading to downloading of any attachment