Ostorlab: Mobile App Security Testing for Android and iOS

Tag

intent redirection

Android Intent Redirection: Attack Vectors and Mitigations

A deep dive into Android intent redirection vulnerabilities, showing how exported “proxy” components can be abused to launch protected components, leak data via setResult(), steal content via URI grants, and hijack flows. Covers common misuse patterns and layered mitigations including validation, allowlists, IntentSanitizer, stripping dangerous flags, immutable PendingIntents, and reducing exported components.

Bilal Harras


            Thu 23 April 2026

Security

AI-Powered Pentesting: A Deep Dive into Android Intent Redirection

This article showcases Ostorlab's AI Pentest Engine's process for analyzing an Android applicatio...

Ostorlab Team


                  Sun 31 August 2025

Security

zCamera, 100M+ installation app, from remote compromise to data leaks

This article is a technical deep dive, showing how a 100M+ installation image application can exp...

Ostorlab


                  Tue 04 July 2023

intent redirection

Android Intent Redirection: Attack Vectors and Mitigations

AI-Powered Pentesting: A Deep Dive into Android Intent Redirection

zCamera, 100M+ installation app, from remote compromise to data leaks

Subscribe to the Ostorlab Newsletter