Research
Research, publications or commentary written by or in collaboration with Ovi.
12 posts
Research
members
Server-side Device Validation Protocols in High-Security Android Applications - Cashapp, Revolut, Banking, Healthcare, Government etc.
In my previous two posts about Android emulator bypassing (Android Network Emulator Bypassing for high security apps - Cashapp, Revolut, Banking, Healthcare, Government etc. & Advanced Android Emulator Bypass Techniques…
Research
members
UCID902: Uncovering nation state watering hole credential harvesting campaigns targeting human rights activists by APT threat group UCID902 (2023)
This is a repost of some critical research I performed back in 2023 that was originally hosted on Interlab's website. Since Interlab has been abandoned by it'…
Research
members
Security and privacy analysis: MDM applications (국방모바일보안) for South Korean Military personnel (2023)
This is a repost of some critical research I performed back in 2023 that was originally hosted on Interlab's website. Since Interlab has been abandoned by it'…
Research
members
RambleOn Android Spyware (December 2022)
This is a repost of some critical research I performed back in 2022 that was originally hosted on Interlab's website. Since Interlab has been abandoned by it'…
Research
members
Account Takeover via browsable intent filter in Android app
Mobile app security is an interesting field; since app sandbox restrictions are very good, finding security issues can be extremely hard. Once you start delving into applications more and more,…
Research
members
RE:privacy | Glow Fertility women's health app - IDOR vulnerability leads to 25 million userbase dataleak
Summary
As part of the RE:privacy project, I am reverse engineering and hacking reproductive health apps to interrogate the security and privacy of these products. You can find out…