New Android interception tool for component communication (IPC) mapping called #noxen for pentesters and bug bounty hunters
Test: https://youtube.com/shorts/JitFuNRCOJ8
Download: https://github.com/frankheat/noxen
Test: https://youtube.com/shorts/JitFuNRCOJ8
Download: https://github.com/frankheat/noxen
YouTube
Android interception tool for component communication (IPC) mapping | noxen | pentest
noxen is an Android runtime interception tool for security research...
π22β€11π₯5
How hard can it be to build Frida natively on Android in Termux (without NDK)?
https://qbtau.in/posts/building_frida_on_termux/
https://qbtau.in/posts/building_frida_on_termux/
Abhi's Blog
How hard can it be to build Frida natively on Android/Termux(without NDK?)
Seriously, How hard can it be?
β€14π3π2
Android ZeroβClick RCE via Wireless Debugging (CVEβ2026β0073) + demos
Blog: https://www.mobile-hacker.com/2026/05/12/android-rce-via-wireless-debugging-from-network-access-to-shell/
Video: https://youtu.be/ihEIr0wWklk
Blog: https://www.mobile-hacker.com/2026/05/12/android-rce-via-wireless-debugging-from-network-access-to-shell/
Video: https://youtu.be/ihEIr0wWklk
YouTube
Android ZeroβClick RCE via Wireless Debugging | CVEβ2026β0073 Demo
In this video, I break down a critical Android vulnerability ( CVEβ2026β0073 ) affecting modern versions of Android (14, 15, 16), where a flaw in ADBβs authentication logic can allow an attacker on the same network to gain shell access without user interaction.β¦
β€23π4
Android Intrusion Logging as a new source of data for forensic analysis
https://securitylab.amnesty.org/latest/2026/05/android-intrusion-logging-as-a-new-source-of-data-for-consensual-forensic-analysis/
https://securitylab.amnesty.org/latest/2026/05/android-intrusion-logging-as-a-new-source-of-data-for-consensual-forensic-analysis/
Amnesty International Security Lab
Android Intrusion Logging as a new source of data for consensual forensic analysis - Amnesty International Security Lab
Google has today announced the launch of a new βAndroid Intrusion Loggingβ feature as part of Android Advanced Protection Mode (AAPM). The new intrusion logging feature promises to be a major aid to digital forensics researchers undertaking investigationsβ¦
π12β‘2π©2π1
Inside the Fake RTO Challan Checker: How I Uncovered a Sophisticated Android Spyware Targeting Indians
Part 1: https://medium.com/@singhbkn07/inside-the-fake-rto-challan-checker-how-i-uncovered-a-sophisticated-android-spyware-targeting-8f2da6a9a5a0
Part 2: https://medium.com/@singhbkn07/fake-rto-challan-checker-part-2-cracking-the-payload-mapping-the-operator-and-why-this-is-3eb78e512d7f
Part 1: https://medium.com/@singhbkn07/inside-the-fake-rto-challan-checker-how-i-uncovered-a-sophisticated-android-spyware-targeting-8f2da6a9a5a0
Part 2: https://medium.com/@singhbkn07/fake-rto-challan-checker-part-2-cracking-the-payload-mapping-the-operator-and-why-this-is-3eb78e512d7f
Medium
Inside the Fake RTO Challan Checker: How I Uncovered a Sophisticated Android Spyware Targeting Indians
A full technical teardown of a malware campaign hiding behind Indiaβs traffic fine system
π₯5π3β€2π2π2
APKShield-PT: Auto Root Detection & SSL Pinning Bypass with Frida Script Generation
https://github.com/Whitehat987/apkshield-pt
https://github.com/Whitehat987/apkshield-pt
GitHub
GitHub - Whitehat987/apkshield-pt: Android Penetration Testing Tool β Auto Root Detection & SSL Pinning Bypass with Frida Scriptβ¦
Android Penetration Testing Tool β Auto Root Detection & SSL Pinning Bypass with Frida Script Generation - Whitehat987/apkshield-pt
π₯9π2π©2π€£1π1πΎ1
An Android VPN apps can be bypassed and leak IP
https://lowlevel.fun/posts/tiny-udp-cannon-android-vpn-bypass/
https://lowlevel.fun/posts/tiny-udp-cannon-android-vpn-bypass/
lowlevel.fun
The Tiny UDP Cannon: An Android VPN Bypass
An unprivileged Android app can leak the user's real IP past Always-On VPN + lockdown by handing system_server a UDP payload to fire on its behalf.
π10π6π€3π€¬1π1
NFC Relay Goes Local: How AI Is Accelerating a New Wave of Independent Malware Developers
https://www.cleafy.com/cleafy-labs/nfc-relay-goes-local-how-ai-is-accelerating-a-new-wave-of-independent-malware-developers
https://www.cleafy.com/cleafy-labs/nfc-relay-goes-local-how-ai-is-accelerating-a-new-wave-of-independent-malware-developers
Cleafy
NFC Relay Goes Local: How AI Is Accelerating a New Wave of Independent Malware Developers | Cleafy
Cleafy's TIR team identified and analyzed two previously undocumented Android NFC relay malware families, DevilNFC and NFCMultiPay, actively targeting European and LATAM banking customers.
π10β€2
Reverse engineering Android malware with Claude Code
https://zanestjohn.com/blog/reing-with-claude-code
https://zanestjohn.com/blog/reing-with-claude-code
Zanestjohn
Reverse engineering Android malware with Claude Code - Zane St. John
I pointed an autonomous coding agent at a $35 projector. It found a big RAT.
β€17π4πΎ3
Trapdoor Funnels Malvertising into Ad Fraud
https://www.humansecurity.com/learn/resource/satori-threat-intelligence-alert-trapdoor-funnels-malvertising-into-ad-fraud/
https://www.humansecurity.com/learn/resource/satori-threat-intelligence-alert-trapdoor-funnels-malvertising-into-ad-fraud/
π7β€1
Premium Deception: Uncovering a Global Android Carrier Billing Fraud Campaign
https://zimperium.com/blog/premium-deception-uncovering-a-global-android-carrier-billing-fraud-campaign
https://zimperium.com/blog/premium-deception-uncovering-a-global-android-carrier-billing-fraud-campaign
Zimperium
Premium Deception: Uncovering a Global Android Carrier Billing Fraud Campaign
true
π4π2π₯1
The Flipper One: Hacking Gadget is Becoming a Pocket Linux PC [video]
https://www.mobile-hacker.com/2026/05/20/the-flipper-one-hacking-gadget-is-becoming-a-pocket-linux-pc/
https://www.mobile-hacker.com/2026/05/20/the-flipper-one-hacking-gadget-is-becoming-a-pocket-linux-pc/
π10
Comparing 3D printed Flipper One model to Zero
https://www.youtube.com/shorts/qHS_kmxJKow
https://www.youtube.com/shorts/qHS_kmxJKow
YouTube
Flipper One is Becoming a Pocket Linux PC
Flipper OneBigger. More powerful. Way more capable.Flipper One is...
π₯9π3β‘1
OverlayPhantom: The Android Banking Trojan Hiding in Plain Sight
https://cyble.com/blog/overlayphantom-android-banking-trojan/
https://cyble.com/blog/overlayphantom-android-banking-trojan/
Cyble
OverlayPhantom-android-banking-trojan-hiding In Plain Sight
Cyble analyzes OverlayPhantom, an Android banking trojan targeting 180+ apps across 10 countries, stealing credentials via fake overlays and real-time screen streaming.
β€8π4
BTMOB: A stealthy RAT burrowing deep into Android devices
https://www.welivesecurity.com/en/malware/btmob-stealthy-rat-burrowing-deep-android-devices/
https://www.welivesecurity.com/en/malware/btmob-stealthy-rat-burrowing-deep-android-devices/
Welivesecurity
BTMOB: A stealthy RAT burrowing deep into Android devices
The BTMOB malware pairs remote access capabilities with ready-made campaign tools, lowering the barrier for full device compromise.
β€10π2
IRIS (Intent Runtime Inspection System) - tool for observing Android Intent activity from a rooted device
https://github.com/Ch0pin/iris
https://github.com/Ch0pin/iris
GitHub
GitHub - Ch0pin/iris: Intent Runtime Inspection System
Intent Runtime Inspection System. Contribute to Ch0pin/iris development by creating an account on GitHub.
β€10π4π1
Technical overview of how commercial forensic tools compromise mobile devices
https://osservatorionessuno.org/blog/2026/05/demystifying-phone-unlocking-tools-a-technical-overview/
https://osservatorionessuno.org/blog/2026/05/demystifying-phone-unlocking-tools-a-technical-overview/
osservatorionessuno.org
Osservatorio Nessuno
Demystifying phone unlocking tools: A technical overview
π9π2
Bypassing SSL Pinning in Flutter-Based iOS Applications
https://medium.com/@drhatab/bypassing-ssl-pinning-in-flutter-based-ios-applications-54f420d2f1a1
https://medium.com/@drhatab/bypassing-ssl-pinning-in-flutter-based-ios-applications-54f420d2f1a1
Medium
Bypassing SSL Pinning in Flutter-Based iOS Applications
Hello folks,
β€12π5π5
Bypassing Flutter TLS/SSL Verification When reFlutter Fails
https://petruknisme.medium.com/bypassing-flutter-tls-ssl-verification-when-reflutter-fails-a4c41ff758a3
https://petruknisme.medium.com/bypassing-flutter-tls-ssl-verification-when-reflutter-fails-a4c41ff758a3
Medium
Bypassing Flutter TLS/SSL Verification When reFlutter Fails
During Flutter mobile application assessments, reFlutter is often the fastest option for bypassing TLS/SSL verification and redirectingβ¦
π7β€2π1
Bypassing SSL Pinning on Play Store Android Device Emulators without Frida
https://www.mfumis.com/posts/bypassing-ssl-pinning-on-play-store-avds-without-frida/
https://www.mfumis.com/posts/bypassing-ssl-pinning-on-play-store-avds-without-frida/
Mateo Fumis (hackermater)
Bypassing SSL Pinning on Play Store AVDs without Frida
π² π Bypassing SSL Pinning on Play Store Android Device Emulators without Frida
β‘4β€2π₯1
A $300 Creative speaker can be hacked over Bluetooth (no pairing) to install malicious firmware and silently turn into a BadUSB keyboard that can takes over USB connected PC.
Creative donβt consider it a vulnerability - it is not patched!
https://blog.nns.ee/2026/06/03/katana-badusb/
Creative donβt consider it a vulnerability - it is not patched!
https://blog.nns.ee/2026/06/03/katana-badusb/
blog.nns.ee
Pwnd Blaster: Hacking your PC using your speaker without ever touching it | nns.ee
Abusing an unauthenticated Bluetooth protocol to turn a PC speaker into a Rubber Ducky.
β‘7π₯1