Blog

Penetration Testing Wiki

Cybersecurity Android Apps

How to hijack Android OS calls with Frida

LEVEL: ADVANCED When we are performing a pentest on an Android app, it is sometimes useful to get the parameters that the application is sending through a function, or even to hijack a specific function so that it returns other values. Let’s see in this article how we can intercept and even hijack any method from a given Android…

Web3 Security Cheat Sheet

Solidity Attacks
var misuse
tx.origin vs. msg.sender
send() vs. transfer()
DOS in for/while if user can control mapping length
variables scope in inheritance: public vs. internal
unfiltered variables
integer overflows
selfdestruct
Inheritance methods override
proxy constructors hijacking: initialize() or init()
DELEGATECALL
transferOwnership() exploitation
fallback function() {}
DeFi Attacks
Amount encoding: 0xFFF, 1e-100
change source address in JS object with browser debugger
XSS in localStorage / sessionStorage
Lack of Access…

Cybersecurity Android Apps

How to reverse engineer any Android game using Unity

LEVEL: ADVANCED Download https://github.com/Perfare/Il2CppDumper (Unity il2cpp reverse engineering tool). Then open package_re\DummyDll\Assembly-CSharp.dll with dnSpy. You can also use the following Frida wrapper to save time: https://github.com/vfsfitvnm/frida-il2cpp-bridge

How to compile a Solidity Smart Contract with solc-js

You can easily install solc-js from the official npm package repository: It will install solc-js under /usr/local/bin/solcjs -> ../lib/node_modules/solc/solc.js Basic syntax to compile a smart contract written in Solidity: If you use external contracts, imports or OpenZeppelin:

How to install solc in Linux

To install the latest version, the best option is to compile directly from the official GitHub repository: https://github.com/ethereum/solidity.git There are two requirements before building solc: we need to install cmake and the Boost development libraries. After that, we can clone the solidity repository, as shown below: Finally, we can run a script to…

How to intercept HTTPS with Proxydroid

If you are interested in capturing all traffic related to a specific app and you have a rooted phone, ProxyDroid is a good option: https://play.google.com/store/apps/details?id=org.proxydroid Once it is installed on your phone, and before enabling the “Proxy Switch”, you have to point ProxyDroid to the machine where BurpSuite is running and listening on the Wi-Fi interface.…

₿ Blockchain & DeFi Cyberattacks Review

Index of cyberattacks (from recent to oldest):
💣 OLA $3.6 Million hack (2022)
💣 INV $15.6 Million price manipulation through keep3r oracle (2022)
💣 BAYC Discord compromise and phishing (2022)
💣 Ronin $625 Million hack (2022)
💣 Wormhole Qbridge $324 Million hack (2022)
💣 Poly Network Access Control $610 Million hack (2021)
💣 PancakeSwap Lottery…

Alternatives to interact.sh for Out-of-band resource load

Sometimes when we are performing a pentest or bug bounties we need an external site to verify blind injections or to exfiltrate data. This is known as Out-of-Band, or just OOB. Some of the newest vulnerabilities found, such as log4j, also needed an OOB DNS resource to validate whether a machine could be…

Learn Blockchain Security for free Android app

🏆 If you want to learn about blockchain security, give the Learn Blockchain Security Android app a try! You can learn about blockchain attacks, smart contract vulnerabilities and general blockchain concepts. Download it here: https://play.google.com/store/apps/details?id=com.defensahacker.blockchainquiz Also check the most common vulnerabilities in Smart Contracts:

Google Play Store

How to search Android apps in other countries

Imagine that you are looking for pentest apps in the Google Play Store; this is the URL you get: https://play.google.com/store/search?q=pentesting By default, Google only shows you apps that are available in your region. But you might be interested in looking for Android apps in a particular region. For that, just add…