PentestBox 2.0 Released
Hi, This is the first major release of PentestBox. Too much refractoring and structural changes are done. Before talking about …
Category: Pentesting
October 2015
Android Application Security Part 26 – Intercept Traffic on Android version after 4.2.2
In this post i will demonstrate to intercept traffic after Android 4.2.2. Most of the android security professionals uses Cydia …
Install Google Play Store in Genymotion
In this post i will demonstrate how you can install Google Play Store in a Genymotion Device. Switch ON your …
Configuring your Device for Pentesting
In the First Part of the series i have shown how we can configure a virtual device for pentesting. In …
Spoofing your location in Play Store
Many a times you have seen that application which you want to assess is only allowed in selected countries, so …
Android Application Security Part 22 – Developer Backdoor
There are sometimes when developer put a backdoor to a particular application. He/She puts that because he doesn’t want somebody …
Android Application Security Part 21 – Exploiting Debuggable Applications
Consider a situation when your mobile is stolen and it is not rooted. If an application is marked as debuggable …
Android Application Security Part 20 – Client Side Injections
Client Side Injections holds 7th position in OWASP Mobile Top 10 Javascript Injection: The mobile browser is vulnerable to javascript …
Android Application Security Part 19 – Improper Session Handling
Improper Session Handling holds 9th position in OWASP Mobile Top 10. Session handling is very important part after authentication has …
Android Application Security Part 18 – Attacking Broadcast Receivers
To get the list of exported Broadcast Receivers, you can either use drozer or can also look in AndroidManifest.xml file …