The Android architecture implements different security layers that, together, enable a defense-in-depth approach. This means that the confidentiality, integrity or availability of sensitive user-data doesn't hinge on one single security measure.

Mobile phones have become an imperative portion of our daily lives. People nowadays prefer to keep every bit of information regarding personal and professional life on their mobile phones.

The workflow of Xposed framework Plugins for Android Pentesting Xposed framework Plugins for Android Pentesting helps in...

Android Application Security This is a write-up of Android Application Security resources and tools which helps in Android...

This is a repository of iOS Security resources and tools which can be used in iOS pentesting and security research. It’s a ...

Mobexler is a Mobile Application Penetration Testing Platform, customised to include all tools required for penetration ...

Blog on CVE-2022-42889 explores a critical vulnerability found in Apache commons text in October 2022. Let's jump into its technicality.

This CVE exposes a critical security vulnerability in Apktool, a widely-used tool for reverse engineering closed-source, third-party Android apps.

Enter CVE-2023-32315, an authentication bypass vulnerability discovered in Openfire, a popular XMPP server. This exploit grants malicious actors unrestricted access to the Openfire administrative console.

Delve into CVE-2023-51409, a severe security flaw that affected the AI Engine plugin—a widely used AI-related WordPress plugin with over 50,000 active installations.

Join us as we investigate CVE-2022-33891, a critical vulnerability discovered in Apache Spark, a widely-used distributed computing framework. This flaw, involving command injection, poses severe risks of unauthorized access and control.

This blog addresses CVE-2024-1071, a critical security vulnerability found in the Ultimate Member plugin for WordPress. With over 200,000 active installations affected, it's essential to comprehend the intricacies of this issue.

This blog takes a deep dive into the intricacies of the Atlassian Confluence CVE-2023-22527 vulnerability. It aims to illuminate the inner workings of the exploit and provide actionable defense strategies that organizations can implement effectively.

CVE-2023-36884: Lets discuss the attack method, the elements that contributed to its success, and potential mitigation strategies

Dive into the details of Spring4Shell CVE-2022-22965, a critical vulnerability that was discovered in the Spring Framework

Explore the vulnerability, how to exploit it, its potential impact, and the essential steps organisations can take to protect their virtual infrastructure

Explore the vulnerability, how to exploit it, its potential impact, and the essential steps organisations can take to protect their virtual infrastructure

A critical vulnerability known as CVE 2021-44228 was discovered in the popular logging tool Log4j. This vulnerability allowed attackers to execute remote code on servers and gain unauthorized access to sensitive data.