WELCOME TO MY SECURITY BLOG
-
Featured
Dynamic analysis of apps inside Android Cloning apps – Part 2
This is the 2nd and last post on the research findings related to the security issues found in Cloning Apps(Parallel Space, Dual Space etc). To recap, the previous post is about bringing out the security issues for cloned apps(guest apps) from other cloned apps or from the Cloning Apps(host app). It is also demonstrated, how… Read more
-
Featured
Yet Another Tamper Detection in Android
Android apps are signed by developer private key before uploading to the play store. Every private key has an associated public certificate that devices and services use to verify that the app is from a trusted source. App updates rely on the fact that the app has to be signed by the same developer who… Read more
-
Featured
Security hardening of Android native code
This post is in-fact a continuation of my previous post on Frida detection. In this post, I will explain the mechanisms I have followed in hardening the native code written for Frida detection.Generally binary from high level languages such as Java help to perform easier static analysis compared to that of written in C, C++… Read more
-
Dynamic analysis of apps inside Android Cloning apps – Part 1
Recently I and my friend Vikas presented our research about risks for apps executing inside virtual containers aka cloning apps(VirtualApp, ParallelSpace, DualSpace, Dr.Clone, Clone, Multi-Parallel and many more cloning apps) in Android Security Symposium. The basis for most of the risks is, apps inside the virtual container get the same UID(Unix User ID). In Android,… Read more
Follow My Blog
Get new content delivered directly to your inbox.
Darvin's Blog 