Android-Reports-and-Resources
A big list of Android Hackerone disclosed reports and other resources.
Top Related Projects
The Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes the technical processes for verifying the controls listed in the OWASP Mobile Application Security Verification Standard (MASVS).
Android Vulnerability Test Suite - In the spirit of open data collection, and with the help of the community, let's take a pulse on the state of Android security. NowSecure presents an on-device app to test for recent device vulnerabilities.
A collection of Android security-related resources
The Mobile App Pentest cheat sheet was created to provide a concise collection of high-value information on specific mobile application penetration testing topics.
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
Quick Overview
B3nac/Android-Reports-and-Resources is a comprehensive GitHub repository that serves as a curated collection of Android security resources, vulnerability reports, and tools. It aims to provide developers, security researchers, and enthusiasts with valuable information and resources to enhance Android application security.
Pros
- Extensive collection of Android security resources in one place
- Regularly updated with new vulnerability reports and tools
- Includes both technical reports and beginner-friendly resources
- Covers a wide range of Android security topics, from basic to advanced
Cons
- May be overwhelming for beginners due to the large amount of information
- Some links may become outdated over time
- Lacks a structured learning path for newcomers to Android security
- Limited original content, primarily aggregates external resources
Code Examples
This repository does not contain a code library, so code examples are not applicable.
Getting Started
As this is not a code library, there are no specific getting started instructions. However, users can benefit from the repository by:
- Browsing the README.md file for an overview of available resources
- Exploring the different sections based on their interests (e.g., vulnerability reports, tools, or learning resources)
- Clicking on relevant links to access external resources and tools
- Staying updated by watching the repository for new additions and updates
Competitor Comparisons
The Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes the technical processes for verifying the controls listed in the OWASP Mobile Application Security Verification Standard (MASVS).
Pros of owasp-mastg
- Comprehensive guide covering mobile app security testing across platforms
- Regularly updated with contributions from a large community
- Includes detailed testing procedures and best practices
Cons of owasp-mastg
- May be overwhelming for beginners due to its extensive content
- Focuses on general mobile security, not specifically Android
- Requires more time to navigate and find specific information
Code Comparison
While neither repository primarily focuses on code samples, owasp-mastg does provide some examples for security testing. Here's a brief comparison:
owasp-mastg:
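    // Passing a null KeyStore initialises the factory with the system default trust store.
    TrustManagerFactory tmf = TrustManagerFactory.getInstance("X509");
    tmf.init((KeyStore) null);
    TrustManager[] trustManagers = tmf.getTrustManagers();
    // Build a TLS context that validates server certificates against those trust managers.
    SSLContext context = SSLContext.getInstance("TLS");
    context.init(null, trustManagers, null);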
Android-Reports-and-Resources doesn't typically include code snippets, focusing more on vulnerability reports and resources.
Summary
owasp-mastg is a comprehensive guide for mobile app security testing, offering detailed procedures and best practices. It's regularly updated but may be overwhelming for beginners. Android-Reports-and-Resources is more focused on Android-specific vulnerabilities and reports, making it easier to navigate for Android developers. While owasp-mastg provides code examples for security testing, Android-Reports-and-Resources primarily offers vulnerability reports and resources without code snippets.
Android Vulnerability Test Suite - In the spirit of open data collection, and with the help of the community, let's take a pulse on the state of Android security. NowSecure presents an on-device app to test for recent device vulnerabilities.
Pros of android-vts
- Provides an automated vulnerability testing suite for Android devices
- Includes a user-friendly GUI for running tests and viewing results
- Regularly updated with new vulnerability checks and exploits
Cons of android-vts
- Focused solely on vulnerability testing, lacking broader Android security resources
- May require more technical expertise to interpret and act on test results
- Limited documentation on contributing to the project
Code Comparison
Android-Reports-and-Resources primarily consists of markdown files with curated lists and resources. It doesn't contain significant code samples for comparison.
android-vts, being a testing suite, contains more substantial code. Here's a snippet from its main activity:
    @Override
    protected void onCreate(Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);
        setContentView(R.layout.activity_main);
        toolbar = (Toolbar) findViewById(R.id.toolbar);
        setSupportActionBar(toolbar);
    }
Summary
Android-Reports-and-Resources serves as a comprehensive collection of Android security resources, reports, and tools. It's an excellent reference for researchers and developers but lacks practical testing capabilities.
android-vts, on the other hand, is a hands-on tool for vulnerability testing on Android devices. It offers immediate, practical value for security testing but may not provide the breadth of information found in Android-Reports-and-Resources.
Both repositories complement each other, serving different aspects of Android security research and testing.
A collection of Android security-related resources
Pros of android-security-awesome
- More comprehensive and extensive collection of resources
- Better organized with clear categorization of tools, books, courses, etc.
- Regularly updated with recent contributions
Cons of android-security-awesome
- May be overwhelming for beginners due to the sheer volume of information
- Less focused on specific vulnerability reports and real-world examples
- Lacks detailed explanations or tutorials for using the listed tools
Code comparison
While both repositories primarily focus on curating lists of resources rather than providing code, Android-Reports-and-Resources includes some code snippets for specific vulnerabilities. For example:
Android-Reports-and-Resources:
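    if (Build.VERSION.SDK_INT >= 24) {
        try {
            // Reflective call to a hidden StrictMode method: it turns off the
            // FileUriExposedException raised when a file:// URI leaves the app (API 24+).
            Method m = StrictMode.class.getMethod("disableDeathOnFileUriExposure");
            m.invoke(null);
        } catch (Exception e) {
            e.printStackTrace();
        }
    }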
android-security-awesome doesn't typically include code snippets, focusing instead on linking to external resources.
Both repositories serve as valuable resources for Android security enthusiasts, with Android-Reports-and-Resources offering more specific vulnerability reports and examples, while android-security-awesome provides a broader, more comprehensive collection of tools and resources for Android security research and development.
The Mobile App Pentest cheat sheet was created to provide a concise collection of high-value information on specific mobile application penetration testing topics.
Pros of MobileApp-Pentest-Cheatsheet
- Covers both Android and iOS platforms, providing a more comprehensive mobile app security resource
- Includes detailed checklists for various testing categories, making it easier for pentesters to follow a structured approach
- Offers a wider range of tools and techniques for mobile app security testing
Cons of MobileApp-Pentest-Cheatsheet
- Less focused on Android-specific vulnerabilities compared to Android-Reports-and-Resources
- May not provide as many real-world examples or case studies of Android vulnerabilities
- Updates less frequently, potentially missing newer Android security issues
Code Comparison
While both repositories primarily focus on documentation and resources rather than code, Android-Reports-and-Resources includes some code snippets for vulnerability examples. MobileApp-Pentest-Cheatsheet doesn't typically include code samples. Here's an example from Android-Reports-and-Resources:
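    WebView webView = (WebView) findViewById(R.id.webview);
    webView.getSettings().setJavaScriptEnabled(true);
    // Exposes the WebAppInterface object to JavaScript loaded in this WebView under the name "Android".
    webView.addJavascriptInterface(new WebAppInterface(this), "Android");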
This code demonstrates a potential security issue with WebView JavaScript interfaces in Android apps.
Both repositories serve as valuable resources for mobile app security testing, with Android-Reports-and-Resources offering more Android-specific content and MobileApp-Pentest-Cheatsheet providing a broader overview of mobile app security across platforms.
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
Pros of Mobile-Security-Framework-MobSF
- Comprehensive mobile app security testing framework for both Android and iOS
- Automated static and dynamic analysis capabilities
- Active development with frequent updates and community support
Cons of Mobile-Security-Framework-MobSF
- More complex setup and configuration compared to Android-Reports-and-Resources
- Requires more system resources to run effectively
- Steeper learning curve for beginners in mobile security testing
Code Comparison
Mobile-Security-Framework-MobSF (Python):
    def scan_file(app_path):
        # Perform static analysis
        static_analysis = StaticAnalyzer(app_path)
        static_results = static_analysis.analyze()
        # Perform dynamic analysis
        dynamic_analysis = DynamicAnalyzer(app_path)
        dynamic_results = dynamic_analysis.analyze()
Android-Reports-and-Resources (Markdown):
    ## Android Security Reports
    - [Report 1: Vulnerability in XYZ App](link-to-report-1)
    - [Report 2: Security Analysis of ABC App](link-to-report-2)
    ## Resources
    - [Android Security Checklist](link-to-checklist)
    - [Best Practices for Secure Android Development](link-to-best-practices)
The code comparison highlights the difference in focus between the two repositories. Mobile-Security-Framework-MobSF provides an actual testing framework with code for analysis, while Android-Reports-and-Resources is primarily a collection of reports and resources in markdown format.
README
Android-Reports-and-Resources
HackerOne Reports
Hardcoded credentials
Disclosure of all uploads via hardcoded api secret
https://hackerone.com/reports/351555
WebView
Android security checklist: WebView
https://blog.oversecured.com/Android-security-checklist-webview/
Insecure deeplinks
Account Takeover Via DeepLink
https://hackerone.com/reports/855618
Sensitive information disclosure
https://hackerone.com/reports/401793
RCE/ACE
Why dynamic code loading could be dangerous for your apps: a Google example
RCE in TinyCards for Android
https://hackerone.com/reports/281605 - TinyCards made this report private.
Persistent arbitrary code execution in Android's Google Play Core Library: details, explanation and the PoC
https://hackerone.com/reports/971386
CVE-2020-8913: Persistent arbitrary code execution in Google Play Core library
https://blog.oversecured.com/Oversecured-automatically-discovers-persistent-code-execution-in-the-Google-Play-Core-Library/ - Persistent arbitrary code execution in Android's Google Play Core Library: details, explanation and the PoC - CVE-2020-8913
TikTok: three persistent arbitrary code executions and one theft of arbitrary files
https://blog.oversecured.com/Oversecured-detects-dangerous-vulnerabilities-in-the-TikTok-Android-app/ - Oversecured detects dangerous vulnerabilities in the TikTok Android app
Memory corruption
Exploiting memory corruption vulnerabilities on Android
https://blog.oversecured.com/Exploiting-memory-corruption-vulnerabilities-on-Android/ - Exploiting memory corruption vulnerabilities on Android + an example of such vulnerability in PayPal apps
Cryptography
Use cryptography in mobile apps the right way
https://blog.oversecured.com/Use-cryptography-in-mobile-apps-the-right-way/
SQL Injection
SQL Injection in Content Provider
https://hackerone.com/reports/291764
Session theft
Steal user session
https://hackerone.com/reports/328486
Steal files
Android security checklist: theft of arbitrary files
https://blog.oversecured.com/Android-security-checklist-theft-of-arbitrary-files/
How to exploit insecure WebResourceResponse configurations + an example of the vulnerability in Amazon apps
https://blog.oversecured.com/Android-Exploring-vulnerabilities-in-WebResourceResponse/ - Android: Exploring vulnerabilities in WebResourceResponse
Vulnerable to local file steal, Javascript injection, Open redirect
https://hackerone.com/reports/499348
Token leakage due to stolen files via unprotected Activity
https://hackerone.com/reports/288955
Steal files due to exported services
https://hackerone.com/reports/258460
Steal files due to unprotected exported Activity
https://hackerone.com/reports/161710
Steal files due to insecure data storage
https://hackerone.com/reports/44727
Insecure local data storage, makes it easy to steal files
https://hackerone.com/reports/57918
Bypasses
Accidental $70k Google Pixel Lock Screen Bypass
https://bugs.xdavidhu.me/google/2022/11/10/accidental-70k-google-pixel-lock-screen-bypass/
Golden techniques to bypass host validations
https://hackerone.com/reports/431002
Two-factor authentication bypass due to vuln endpoint
https://hackerone.com/reports/202425
Another endpoint Auth bypass
https://hackerone.com/reports/205000
Bypass PIN/Fingerprint lock
https://hackerone.com/reports/331489
Bypass lock protection
https://hackerone.com/reports/490946
Bypass of biometrics security functionality
https://hackerone.com/reports/637194
XSS
HTML Injection in BatterySaveArticleRenderer WebView
https://hackerone.com/reports/176065
XSS via SAMLAuthActivity
https://hackerone.com/reports/283058
XSS in ImageViewerActivity
https://hackerone.com/reports/283063
XSS via start ContentActivity
https://hackerone.com/reports/189793
XSS on Owncloud webview
https://hackerone.com/reports/87835
Privilege Escalation
20 Security Issues Found in Xiaomi Devices
https://blog.oversecured.com/20-Security-Issues-Found-in-Xiaomi-Devices/
Discovering vendor-specific vulnerabilities in Android
https://blog.oversecured.com/Discovering-vendor-specific-vulnerabilities-in-Android/
Common mistakes when using permissions in Android
https://blog.oversecured.com/Common-mistakes-when-using-permissions-in-Android/
Two weeks of securing Samsung devices: Part 2
https://blog.oversecured.com/Two-weeks-of-securing-Samsung-devices-Part-2/
Two weeks of securing Samsung devices: Part 1
https://blog.oversecured.com/Two-weeks-of-securing-Samsung-devices-Part-1/
Intent Spoofing
https://hackerone.com/reports/97295
Access of some not exported content providers
https://hackerone.com/reports/272044
Access protected components via intent
https://hackerone.com/reports/200427
Fragment injection
https://hackerone.com/reports/43988
Javascript injection
https://hackerone.com/reports/54631
CSRF
Deeplink leads to CSRF in follow action
https://hackerone.com/reports/583987
Case sensitive account collisions
overwrite account associated with email via android application
https://hackerone.com/reports/187714
Intercept Broadcasts
Possible to intercept broadcasts about file uploads
https://hackerone.com/reports/167481
Vulnerable exported broadcast receiver
https://hackerone.com/reports/289000
View every network request response's information
https://hackerone.com/reports/56002
Practice Apps
Oversecured Vulnerable Android App
A vulnerable app showing modern security bugs in Android apps
Damn Vulnerable Bank
Vulnerable Banking Application for Android
InsecureShop
Intentionally Vulnerable Android Application
Vuldroid
Vulnerable Android Application made with security issues
InjuredAndroid
Android-InsecureBankv2
Damn Insecure and Vulnerable app
Damn Insecure and vulnerable App for Android
OWASP-GoatDroid-Project
Sieve mwrlabs
Tools
Resources
Detect secret leaks in Android apps online
Attacking vulnerable Broadcast Receivers
Android Webview Vulnerabilities
Android reverse engineering recon
Webview addjavascriptinterface RCE
Install PlayStore On Android Emulator
Android: Access to app protected components
Android: arbitrary code execution via third-party package contexts
Interception of Android implicit intents
Evernote: Universal-XSS, theft of all cookies from all sites, and more