frida
-
Hack the Box Pinned Walkthrough
This is going to be a walkthrough of Pinned, which is another one of the mobile challenges from Hack the Box. This challenge is rated Easy, so I’m not expecting it to be too difficult. But first, let’s take a look at the challenge description: This app has stored my credentials and I can only… Continue reading
-
Patching an APK with Objection
Many years ago I was performing a security assessment on an Android application that had SSL pinning enabled. If you don’t already know, SSL pinning essentially allows an application to only trust valid certificates. If you want to learn more about SSL pinning, you can check out my previous blog entry. In that blog entry,… Continue reading
-
Bypassing SSL Pinning with Frida
If you have attempted to test many mobile applications, you have probably been in the following situation. You have installed the app you’re trying to test, and you have your mobile device ready to use with Burp Suite. Perhaps you followed the instructions in my previous blog post here. After turning on your proxy settings… Continue reading