Shiv SahniinInfoSec Write-upsSSL Pinning & AWS Certificate ManagerJust Another Tradeoff Between Security & Stability?·5 min read·May 19, 2021----
Shiv SahniinInfoSec Write-upsLeakage of Sensitive Data Through Android WebviewsThe tale of identifying a vulnerability in the Android Webview component and obtaining CVE-2021–21136·5 min read·Feb 16, 2021--1--1
Shiv SahniinInfoSec Write-upsAre You Sure That You’re Not Leaking User’s Access Tokens To Third Parties?The story talks about the insecure implementation of OkHttp Interceptors in Android applications which might lead leakage of auth token·6 min read·Jun 30, 2020--1--1
Shiv SahniinInfoSec Write-upsIs Your Organization Handling Secrets Securely?The Secrets of Avoiding Hardcoded Secrets·7 min read·May 17, 2020----
Shiv SahniinInfoSec Write-upsAPKEnum: A Python Utility For APK EnumerationA Simple Python Utility To Perform Passive Enumeration On Android Binaries·3 min read·May 5, 2020----
Shiv SahniinInfoSec Write-upsNSDetect: A Tool To Discover Potential AWS Domain TakeoversUtilities That Might Help You Earn/Save Few Hundred Thousand Dollars! 🤑·4 min read·May 3, 2020----
Shiv SahniinInfoSec Write-upsThe Zaheck of Android Deep Links!In the current era of hybrid mobile architecture, the Webviews and Deep Links are extensively used hand in hand. The former one is used to…·5 min read·Apr 19, 2020----
Shiv SahniinInfoSec Write-upsAndroid Key AttestationWhat the heck is Android Key Attestation?·5 min read·Jul 14, 2019--2--2