Monthly Archives: July 2012
Android’s BuildConfig.DEBUG
Posted: July 15, 2012 – 9:55 pm |
Author: benn |
Filed under: android, Mobile Security, Reverse Engineering, software security
Verbose logging in Android applications is both a problem we frequently see in production builds, as well as something we’ll try to enable if we’re pentesting an app. In revision 17 of Android’s SDK Tools and ADT, the release notes mentioned a feature which could help developers with this issue: Added a feature that allows [...]
Network Analysis With ProxyDroid, BurpSuite, and Hipster Dog
My last post gave an overview of some options to setup your environment for Android network analysis. Of the winners that I pointed out, my personal favorite way to do an assessment (depending on the app) is to use ProxyDroid to forward network traffic to BurpSuite’s proxy. In the examples below, I’m showing how to [...]
