Mobile Articles
Hardcoded AWS keys in Mobile Applications
This article is about how to manage AWS access keys when using AWS services in your mobile application.
Critical attack surface of mobile applications
the Attack Surface of mobile applications.
Finding security bugs in Android applications the hard way
Ostorlab is a community effort to build a mobile application vulnerability scanner to help developers build secure mobile applications. One of the new key components of the scanner detection capabilities is a new shiny static taint engine for Android Dalvik Bytecode that was heavily optimized for performance and low false positives.
Testing Cordova Applications
Hybrid frameworks like Cordova offers the advantage of building one app for multiple platform (support for Android, iOS, Windows Phone, FireOS, FirefoxOS ...) . The framework is easy and fast to develop with and offers generally a single API for all platforms.
Android, SQL and ContentProviders or Why SQL injections aren't dead yet ?
Before we get into SQL injections and what might go wrong, we'll start by covering some technical information on Content Providers...
Android external libs!
For an Android developer, it has become standard practice to use external libraries to easily extend the functionalities of the mobile application . Thanks to Gradle easy dependency integration, features like HTTP frameworks, database ORM, fancy scrolling, efficient image loading, caching, social network integration and many others can be added easily.
Vulnerabilities tested by Google Play Store
Google will start identifying security weaknesses in Apps pushed to the Play Store...
New in Android M and N: Runtime Permissions
In Android, the permission system was one of the major security concerns of the platform for many reasons...
Android SSL pinning, frameworks and implementations
When developing a mobile application, securing the communication between the user's device and the backend is an important step to guarantee the safety of the user's data.
- 1 of 2
- Next