Author: Hebun İlhanlı

Native Library Analysis | Chief JNI

In this article, I will cover the analysis process of native libraries and the hooking process to bypass some sample detection methods. I will show about the dynamic, disassemble and debugging analysis processes of the native package that I wrote….


Android Component Security | The Four Horsemen

An article about the vulnerabilities that can be found on the four main components used in Android Applications. In particular, the attack techniques performed on exported attribute and Implicit Intent were analyzed. As the main concept, PoC provided with methods added to malicious applications, not with ADB(for command-line tools). While not pioneering, technical information on how to avoid these vulnerabilities was also included….


Jailbreak Detection Bypass | JailMonkey

Hi Everyone ! In my previous post, you saw how we can bypass a third party(Rootbeer) root detection mechanism. Now, we will analyze a different third party library on a different platform. The library named JailMonkey is a React Native library for detection if a phone has been jail-broken or rooted for iOS/Android. In this…


Root Detection Bypass | Rootbeer

We need rooted devices to test or analyze Android apps more efficiently. However, applications with root detection mechanism prevent them from opening on rooted devices. In this article, we will learn how to bypass the root detection mechanism over two different techniques….


Decompile, Modify Smali, Recompile and Sign APK

Hello,

Today, we will decompile a randomly selected apk, then make some changes in the relevant application and compile it again. …


OWASP Juice-Shop Level 3 PART II | Writeup

Hello Everyone !

It’s been a long time… I went back to the blog with the Juice Shop serial. Since I bought a new computer and installed the juice shop back to local, there may be differences and increases in the tasks. This post is Part 2 of Level 3


Active Directory Pentest Lab | Recon with PowerShell

Hello Everyone !

In the previous article, I explained the installation of the Active Directory structure which we prepared for pentest. In this article, we will collect information about this structure without using a tool…


Active Directory Pentest Lab – Setup | MATRIX.LOCAL

Hello Everyone !

In this series, it will be practically penetration test about Active Directory. Active Directory is the directory service used on Microsoft networks. Active Directory stores all information of the organization, such as users, computers, locations, printers. If you pay attention to this site, I’ve always posted information on the practice. I’m not going to give much theoretical knowledge in this series. …


OWASP Juice-Shop Level 3 PART I | Writeup

Hello Everyone !

I am with you again after a two-week break. I can’t spend time on the blog after I started work. But this article is worth what you expected. I have divided the article into two parts since the Juice Shop has 20 tasks in the 3rd Level. Welcome to the first part of Level 3 ……


Hack The Box – Safe | Writeup

Hello Everyone !

The victim of this week’s Hack The Box series will be a machine called “Safe”. This retired machine has a Linux operating system. …