SecBoard
Zurück zur Übersicht

malware-apk — As a bug hunter, are your bug bounty reports getting rejected because you don't use a "malicious" Proof of Concept (PoC) app to exploit the vulnerabilities? I've got you covered!

GitHub Trending·
Originalartikel lesen bei GitHub Trending

As a bug hunter, are your bug bounty reports getting rejected because you don't use a "malicious" Proof of Concept (PoC) app to exploit the vulnerabilities? I've got you covered! · Sprache: Java · Topics: android, bug-bounty, content-provider, deep-link, deep-link-hijacking, drozer · ⭐ 144 Stars

Red-Team-Relevanz

Was heißt das für dein nächstes Assessment?

  • Initial Access möglich?Unklar
  • Privilege Escalation relevant?Unklar
  • Exploit öffentlich verfügbar?Ja
  • Detection / Logging prüfbar?Ja
  • Für Purple-Team-Szenario geeignet?Ja

Kundenfragen

  • Können wir Resource Development detektieren?

MITRE ATT&CK Kill Chain (3 Techniken)

Themen
androidbug-bountycontent-providerdeep-linkdeep-link-hijackingdrozerethical-hackingfile-content-providerfridaintent-injection