LevelUpX - Series 12: Finding Sensitive Data in Android Apps with Nerdwell

preview_player
Показать описание
In this presentation, Nerdwell reviews common developer assumptions about mobile application security and explores ways in which these assumptions can be invalidated. We begin with a review of some new tools that streamline the bug bounty hunter's Android hacking workflow. After that, we present tools and techniques for accessing, identifying, and extracting sensitive data from Android apps' internal storage. Then we wrap up with a discussion of how to maximize the security impact of our findings for impactful bug bounty reports.

Want to get involved?
  1. Bugcrowd
Рекомендации по теме
LevelUpX - Series 0:44:35

LevelUpX - Series 12: Finding Sensitive Data in Android Apps with Nerdwell

LevelUpX - Series 0:45:29

LevelUpX - Series 14: Finding and Exploiting Hidden Functionality in Windows DLLs with Nerdwell

Day 12 | 0:50:36

Day 12 | Cyber Security Bootcamp 2023 | Finding Bugs IN Salesforce CRM #bugbounty #ethicalhacking

LevelUpX - Series 0:34:25

LevelUpX - Series 1: Salesforce Object Recon with B3nac

Hunting IDOR with 0:32:47

Hunting IDOR with Z-winK (Part 2)

LevelUpX - Series 0:21:47

LevelUpX - Series 3: How I hacked 55 Banks & Cryptocurrency Exchanges with Alissa Knight

PowerUpSQL - Finding 0:00:14

PowerUpSQL - Finding Sensitive Data

LevelUpX - Series 0:56:23

LevelUpX - Series 9: 8 Ways to (Almost) Never Get a Dupe Again with InsiderPhD (Katie Paxton-Fear)

Creating Virtual Disks 0:01:49

Creating Virtual Disks to Protect Sensitive Data on Your Computer

Bunch of API 0:02:29

Bunch of API keys, Tokens I found on Live Android Application || Bug Bounty || POC || 2022

LevelUp 0x02 - 0:20:55

LevelUp 0x02 - Small Files And Big Bounties, Exploiting Sensitive Files

Hacking Android & 1:06:11

Hacking Android & iOS apps with Deep Links and XSS

Bugcrowd Researcher Templates 0:02:41

Bugcrowd Researcher Templates for Bug Bounty Hunters

How HACKERS Stole 0:11:01

How HACKERS Stole $1.000.000.000 From 30 DIFFERENT COUNTRIES

Bugcrowd Security Flash 0:13:51

Bugcrowd Security Flash - The Kaseya REvil Attack Explained

Salesforce Object Recon 0:34:25

Salesforce Object Recon with B3nac

WhatsApp - a 0:10:38

WhatsApp - a malicious GIF that could execute code on your smartphone - Bug Bounty Reports Explained

[Bug Bounty] Is 0:48:03

[Bug Bounty] Is writing code necessary to make money in Bug Bounty? To what extent?

Bugcrowd Security Flash 0:23:48

Bugcrowd Security Flash - Log4Shell

API Testing Methodology, 0:56:00

API Testing Methodology, w/ Dr. Katie Paxton-Fear | by Traceable AI

Bugcrowd Security Flash 0:16:01

Bugcrowd Security Flash - Spring4Shell: What It Is and How To Address It

Diana Initiative 2022-Gabrielle 0:38:36

Diana Initiative 2022-Gabrielle Botbol-Android Application Hacking

Securing Sensitive Data 0:20:12

Securing Sensitive Data Android Keystore vs Whitebox Cryptography

KnighTV Episode 9 0:11:32

KnighTV Episode 9 Hacking a bank's API Server Live Fire Against a European Bank

Комментарии
Автор

Fantastic content. More of this please!!

cmdsecure