Practical Android Pentesting: A Case Study on TikTok RCEFrom Universal XSS to native library hijacking: A comprehensive guide to Android exploitation using WebViews, Intent abuse, and Zip Slip.Oct 19A response icon3Oct 19A response icon3
EG-CERT CTF25 Flog: Nowadays Arch IssuesAt EG-CTF25 this year, we focused on creating real-world, practical challenges for players. Our goal wasn’t just to challenge them, but to…May 29A response icon1May 29A response icon1
Chaining Telegram bugs to steal session-related files.We will discuss the chaining of two bugs on the telegram android application, which can make malicious applications steal internal telegram…Aug 24, 2022A response icon1Aug 24, 2022A response icon1
Exploiting Request forgery on Mobile Applications.We will tell a story about the Request forgery family and how it can attack mobile applications.Oct 18, 2021A response icon1Oct 18, 2021A response icon1
Arbitrary code execution on Facebook for Android through download featureTL;DROct 2, 2020A response icon3Oct 2, 2020A response icon3
