Advanced Android Bug Bounty skills - Ben Actis, Bugcrowd's LevelUp 2017

  • Published on:  7/16/2017
  • This talk will dive into commonly overlooked mobile vulnerability areas that will benefit bug bounty participants. The Android Inter Process Communication (IPC) model will be explained, and how IPC implementation flaws could allow non rooted devices to gain code execution within an app. Additionally, the talk will dive into a few ways how individuals with web application hacking skills can dive into the mobile bug bounty domain: embedded javascript within the app, javascript enabled activities, and authentication/authorization techniques.

    Have questions? Ask on the Bugcrowd forum:

    Join Bugcrowd today: