Categories
Tags
8ksec.io android APK broadcast-receiver CC certification config content-provider CTF cybersecurity cybertalents deep-links emulator exam exploitation file-encryption flutter frida hextree.io ipc ISC2 Kali mobile mobile-exploitation network-interception pentest reverse-engineering script smali sql-injection tls-pinning token-extraction vulnerability web writeup WSL2
61 words
1 minutes
8kSec.io Android Challenges
My n00b Journey Through Android Security Challenges
Welcome to my writeup series for the 8kSec.io Android Application Exploitation Challenges. As a n00bie in Android security, I’m documenting my journey through 11 vulnerable Android applications that cover everything from password managers to privacy tools. Each challenge teaches different exploitation techniques including reverse engineering, dynamic analysis, and vulnerability discovery. Will it be easy? :“D
8kSec.io Android Challenges
Challenge 01: FactsDroid
Bypassing Flutter TLS pinning to intercept and manipulate network traffic in a fact-checking app.
375 words
|
2 minutes
Challenge 02: AndroPseudoProtect
2025-09-15
Exploiting IPC broadcast vulnerabilities to extract security tokens and bypass file encryption protection.
486 words
|
2 minutes
Challenge 03: AndroDialer
Android Deep Link Vulnerability Analysis with hardcoded authentication tokens.
792 words
|
4 minutes
Challenge 04: DroidCave
Android Content Provider SQL Injection Vulnerability Analysis with unprotected database access.
797 words
|
4 minutes