[beginners] Android Pentesting Skill
https://github.com/DragonJAR/Android-Pentesting-Skill
https://github.com/DragonJAR/Android-Pentesting-Skill
GitHub
GitHub - DragonJAR/Android-Pentesting-Skill: Skill de Pentesting para Android
Skill de Pentesting para Android. Contribute to DragonJAR/Android-Pentesting-Skill development by creating an account on GitHub.
π₯13β€8π1π1
New TrickMo Variant: Device Take Over malware targeting Banking, Fintech, Wallet & Auth apps
https://www.threatfabric.com/blogs/new-trickmo-variant-device-take-over-malware-targeting-banking-fintech-wallet-auth-app
https://www.threatfabric.com/blogs/new-trickmo-variant-device-take-over-malware-targeting-banking-fintech-wallet-auth-app
ThreatFabric
New TrickMo Variant: Device Take Over malware targeting Banking, Fintech, Wallet & Auth apps
Perseus is a new Device Takeover (DTO) malware family that specifically looks for user-generated content stored in note taking applications.
β€7π4
New Android interception tool for component communication (IPC) mapping called #noxen for pentesters and bug bounty hunters
Test: https://youtube.com/shorts/JitFuNRCOJ8
Download: https://github.com/frankheat/noxen
Test: https://youtube.com/shorts/JitFuNRCOJ8
Download: https://github.com/frankheat/noxen
YouTube
Android interception tool for component communication (IPC) mapping | noxen | pentest
noxen is an Android runtime interception tool for security research...
π22β€11π₯5
How hard can it be to build Frida natively on Android in Termux (without NDK)?
https://qbtau.in/posts/building_frida_on_termux/
https://qbtau.in/posts/building_frida_on_termux/
Abhi's Blog
How hard can it be to build Frida natively on Android/Termux(without NDK?)
Seriously, How hard can it be?
β€14π3π2
Android ZeroβClick RCE via Wireless Debugging (CVEβ2026β0073) + demos
Blog: https://www.mobile-hacker.com/2026/05/12/android-rce-via-wireless-debugging-from-network-access-to-shell/
Video: https://youtu.be/ihEIr0wWklk
Blog: https://www.mobile-hacker.com/2026/05/12/android-rce-via-wireless-debugging-from-network-access-to-shell/
Video: https://youtu.be/ihEIr0wWklk
YouTube
Android ZeroβClick RCE via Wireless Debugging | CVEβ2026β0073 Demo
In this video, I break down a critical Android vulnerability ( CVEβ2026β0073 ) affecting modern versions of Android (14, 15, 16), where a flaw in ADBβs authentication logic can allow an attacker on the same network to gain shell access without user interaction.β¦
β€23π4
Android Intrusion Logging as a new source of data for forensic analysis
https://securitylab.amnesty.org/latest/2026/05/android-intrusion-logging-as-a-new-source-of-data-for-consensual-forensic-analysis/
https://securitylab.amnesty.org/latest/2026/05/android-intrusion-logging-as-a-new-source-of-data-for-consensual-forensic-analysis/
Amnesty International Security Lab
Android Intrusion Logging as a new source of data for consensual forensic analysis - Amnesty International Security Lab
Google has today announced the launch of a new βAndroid Intrusion Loggingβ feature as part of Android Advanced Protection Mode (AAPM). The new intrusion logging feature promises to be a major aid to digital forensics researchers undertaking investigationsβ¦
π12β‘2π©2π1
Inside the Fake RTO Challan Checker: How I Uncovered a Sophisticated Android Spyware Targeting Indians
Part 1: https://medium.com/@singhbkn07/inside-the-fake-rto-challan-checker-how-i-uncovered-a-sophisticated-android-spyware-targeting-8f2da6a9a5a0
Part 2: https://medium.com/@singhbkn07/fake-rto-challan-checker-part-2-cracking-the-payload-mapping-the-operator-and-why-this-is-3eb78e512d7f
Part 1: https://medium.com/@singhbkn07/inside-the-fake-rto-challan-checker-how-i-uncovered-a-sophisticated-android-spyware-targeting-8f2da6a9a5a0
Part 2: https://medium.com/@singhbkn07/fake-rto-challan-checker-part-2-cracking-the-payload-mapping-the-operator-and-why-this-is-3eb78e512d7f
Medium
Inside the Fake RTO Challan Checker: How I Uncovered a Sophisticated Android Spyware Targeting Indians
A full technical teardown of a malware campaign hiding behind Indiaβs traffic fine system
π₯5π3β€2π2π2
APKShield-PT: Auto Root Detection & SSL Pinning Bypass with Frida Script Generation
https://github.com/Whitehat987/apkshield-pt
https://github.com/Whitehat987/apkshield-pt
GitHub
GitHub - Whitehat987/apkshield-pt: Android Penetration Testing Tool β Auto Root Detection & SSL Pinning Bypass with Frida Scriptβ¦
Android Penetration Testing Tool β Auto Root Detection & SSL Pinning Bypass with Frida Script Generation - Whitehat987/apkshield-pt
π₯9π2π©2π€£1π1πΎ1
An Android VPN apps can be bypassed and leak IP
https://lowlevel.fun/posts/tiny-udp-cannon-android-vpn-bypass/
https://lowlevel.fun/posts/tiny-udp-cannon-android-vpn-bypass/
lowlevel.fun
The Tiny UDP Cannon: An Android VPN Bypass
An unprivileged Android app can leak the user's real IP past Always-On VPN + lockdown by handing system_server a UDP payload to fire on its behalf.
π10π6π€3β€1π€¬1π1
NFC Relay Goes Local: How AI Is Accelerating a New Wave of Independent Malware Developers
https://www.cleafy.com/cleafy-labs/nfc-relay-goes-local-how-ai-is-accelerating-a-new-wave-of-independent-malware-developers
https://www.cleafy.com/cleafy-labs/nfc-relay-goes-local-how-ai-is-accelerating-a-new-wave-of-independent-malware-developers
Cleafy
NFC Relay Goes Local: How AI Is Accelerating a New Wave of Independent Malware Developers | Cleafy
Cleafy's TIR team identified and analyzed two previously undocumented Android NFC relay malware families, DevilNFC and NFCMultiPay, actively targeting European and LATAM banking customers.
π10β€2
Reverse engineering Android malware with Claude Code
https://zanestjohn.com/blog/reing-with-claude-code
https://zanestjohn.com/blog/reing-with-claude-code
Zanestjohn
Reverse engineering Android malware with Claude Code - Zane St. John
I pointed an autonomous coding agent at a $35 projector. It found a big RAT.
β€17π4πΎ3
Trapdoor Funnels Malvertising into Ad Fraud
https://www.humansecurity.com/learn/resource/satori-threat-intelligence-alert-trapdoor-funnels-malvertising-into-ad-fraud/
https://www.humansecurity.com/learn/resource/satori-threat-intelligence-alert-trapdoor-funnels-malvertising-into-ad-fraud/
π7β€1
Premium Deception: Uncovering a Global Android Carrier Billing Fraud Campaign
https://zimperium.com/blog/premium-deception-uncovering-a-global-android-carrier-billing-fraud-campaign
https://zimperium.com/blog/premium-deception-uncovering-a-global-android-carrier-billing-fraud-campaign
Zimperium
Premium Deception: Uncovering a Global Android Carrier Billing Fraud Campaign
true
π4π2π₯1
The Flipper One: Hacking Gadget is Becoming a Pocket Linux PC [video]
https://www.mobile-hacker.com/2026/05/20/the-flipper-one-hacking-gadget-is-becoming-a-pocket-linux-pc/
https://www.mobile-hacker.com/2026/05/20/the-flipper-one-hacking-gadget-is-becoming-a-pocket-linux-pc/
π10
Comparing 3D printed Flipper One model to Zero
https://www.youtube.com/shorts/qHS_kmxJKow
https://www.youtube.com/shorts/qHS_kmxJKow
YouTube
Flipper One is Becoming a Pocket Linux PC
Flipper OneBigger. More powerful. Way more capable.Flipper One is...
π₯9π3β‘1
OverlayPhantom: The Android Banking Trojan Hiding in Plain Sight
https://cyble.com/blog/overlayphantom-android-banking-trojan/
https://cyble.com/blog/overlayphantom-android-banking-trojan/
Cyble
OverlayPhantom-android-banking-trojan-hiding In Plain Sight
Cyble analyzes OverlayPhantom, an Android banking trojan targeting 180+ apps across 10 countries, stealing credentials via fake overlays and real-time screen streaming.
β€8π4
BTMOB: A stealthy RAT burrowing deep into Android devices
https://www.welivesecurity.com/en/malware/btmob-stealthy-rat-burrowing-deep-android-devices/
https://www.welivesecurity.com/en/malware/btmob-stealthy-rat-burrowing-deep-android-devices/
Welivesecurity
BTMOB: A stealthy RAT burrowing deep into Android devices
The BTMOB malware pairs remote access capabilities with ready-made campaign tools, lowering the barrier for full device compromise.
β€11π2
IRIS (Intent Runtime Inspection System) - tool for observing Android Intent activity from a rooted device
https://github.com/Ch0pin/iris
https://github.com/Ch0pin/iris
GitHub
GitHub - Ch0pin/iris: Intent Runtime Inspection System
Intent Runtime Inspection System. Contribute to Ch0pin/iris development by creating an account on GitHub.
β€10π4π1
Technical overview of how commercial forensic tools compromise mobile devices
https://osservatorionessuno.org/blog/2026/05/demystifying-phone-unlocking-tools-a-technical-overview/
https://osservatorionessuno.org/blog/2026/05/demystifying-phone-unlocking-tools-a-technical-overview/
osservatorionessuno.org
Osservatorio Nessuno
Demystifying phone unlocking tools: A technical overview
π9π2
Bypassing SSL Pinning in Flutter-Based iOS Applications
https://medium.com/@drhatab/bypassing-ssl-pinning-in-flutter-based-ios-applications-54f420d2f1a1
https://medium.com/@drhatab/bypassing-ssl-pinning-in-flutter-based-ios-applications-54f420d2f1a1
Medium
Bypassing SSL Pinning in Flutter-Based iOS Applications
Hello folks,
β€12π5π5
Bypassing Flutter TLS/SSL Verification When reFlutter Fails
https://petruknisme.medium.com/bypassing-flutter-tls-ssl-verification-when-reflutter-fails-a4c41ff758a3
https://petruknisme.medium.com/bypassing-flutter-tls-ssl-verification-when-reflutter-fails-a4c41ff758a3
Medium
Bypassing Flutter TLS/SSL Verification When reFlutter Fails
During Flutter mobile application assessments, reFlutter is often the fastest option for bypassing TLS/SSL verification and redirectingβ¦
π7β€2π1