Shiv SahniinInfoSec Write-upsSSL Pinning & AWS Certificate ManagerJust Another Tradeoff Between Security & Stability?May 19, 2021May 19, 2021
Shiv SahniinInfoSec Write-upsLeakage of Sensitive Data Through Android WebviewsThe tale of identifying a vulnerability in the Android Webview component and obtaining CVE-2021–21136Feb 16, 20211Feb 16, 20211
Shiv SahniinInfoSec Write-upsAre You Sure That You’re Not Leaking User’s Access Tokens To Third Parties?The story talks about the insecure implementation of OkHttp Interceptors in Android applications which might lead leakage of auth tokenJun 30, 20201Jun 30, 20201
Shiv SahniinInfoSec Write-upsIs Your Organization Handling Secrets Securely?The Secrets of Avoiding Hardcoded SecretsMay 17, 2020May 17, 2020
Shiv SahniinInfoSec Write-upsAPKEnum: A Python Utility For APK EnumerationA Simple Python Utility To Perform Passive Enumeration On Android BinariesMay 5, 2020May 5, 2020
Shiv SahniinInfoSec Write-upsNSDetect: A Tool To Discover Potential AWS Domain TakeoversUtilities That Might Help You Earn/Save Few Hundred Thousand Dollars! 🤑May 3, 2020May 3, 2020
Shiv SahniinInfoSec Write-upsThe Zaheck of Android Deep Links!In the current era of hybrid mobile architecture, the Webviews and Deep Links are extensively used hand in hand. The former one is used to…Apr 19, 2020Apr 19, 2020
Shiv SahniinInfoSec Write-upsAndroid Key AttestationWhat the heck is Android Key Attestation?Jul 14, 20192Jul 14, 20192