Hello Hacker…

Mostly, I write about web application hacking and the OWASP Top 10. This is my first time writing about Android app hacking. So today, I am going to tell you how to configure the Burp Suite certificate on the latest Android version.

Configuring Burp Suite with the Latest Android Version. Starting with Android 10, Android changed the default behavior of trusting user-installed certificates. I am using Burp Suite and Genymotion Android virtual devices…

Create Certificate

1 — Export the Burp certificate in DER format, e.g. cacert.der

2 — openssl x509 -inform DER -in cacert.der -out cacert.pem

3 — openssl x509 -inform PEM -subject_hash_old -in cacert.pem | head -1

4 — mv cacert.pem {hash}.0

Setup Certificate

1 — adb root

2 — adb remount

3 — adb push {hash}.0 /sdcard/

4 — adb shell

5 — mv /sdcard/{hash}.0 /system/etc/security/cacerts/

6 — chmod 644 /system/etc/security/cacerts/{hash}.0

7 — reboot

SQL Injection

SQL injection attacks pose a serious security threat to organizations. A successful SQL injection attack can result in confidential data being deleted, lost, or stolen; websites being defaced; unauthorized access to systems or accounts, and, ultimately, compromise of individual machines or entire networks. …

Web penetration testing is an important tool that is used by security professionals to test the integrity of web-facing cyber assets and systems. Penetration testing for web services is necessary to highlight risk factors associated with key vulnerabilities in existing cybersecurity implementations. Despite the importance of web penetration testing, many people outside of the cybersecurity industry fail to recognize the importance of conducting regular penetration testing.

  • Confidentiality: Vital data should be accessible only to authorized users
  • Authentication: It helps establish the identity of the user
  • Authorization: To be authorized, the user needs to perform an action or receive a service, such as an OTP
  • Integrity: The security measure allows the receiver to determine that the data is correct
  • Availability: Communication and information should be readily available, as required
  • Non-repudiation: It helps prevent later denial of an action that happened

The consequence of an XSS attack is the same regardless of whether it is stored or reflected (or DOM-based). The difference is in how the payload arrives at the server. Do not be fooled into thinking that a “read-only” or “brochureware” site is not vulnerable to serious reflected XSS…

Generally speaking, an attacker who manages to perform an XSS attack could do one or more of the following:

  • Ad-Jacking — Inject his ads in it to make money
  • Click-Jacking — Create a hidden overlay on a page to hijack clicks of the victim to…

XSS flaws can be difficult to identify and remove from a web application. The best way to find flaws is to perform a security review of the code and search for all places where input from an HTTP/HTTPS request could possibly make its way into the HTML output. Note that a variety of different HTML tags can be used to transmit malicious JavaScript. Nessus, Nikto, and some other available tools can help scan a website for these flaws, but can only scratch the surface. If one part of a website is vulnerable, there is a high likelihood that there are other problems as well.

amass enum -d domain.com

Amass has a lot of data sources, but the ones that require API keys are: AlienVault, BinaryEdge, BufferOver, BuiltWith, C99, Censys, Chaos, CIRCL, DNSDB, DNSTable, FacebookCT, GitHub, HackerOne, HackerTarget, NetworksDB, PassiveTotal, RapidDNS, Riddler, SecurityTrails, Shodan, SiteDossier, Spyse, Twitter, Umbrella, URLScan, VirusTotal, WhoisXML, ZETAlytics, Cloudflare

using Config.ini…

This is all about sharing what I learn…

  1. What is bug bounty? Identification and reporting of bugs and vulns in a responsible way. It all depends on interest and hard work, not on degree, age, branch, college, etc…
  2. What to study: Internet, HTTP, TCP/IP, Networking, Command-line, Linux, Web technologies, JavaScript, PHP…

Yasir Ansari

An independent information security researcher and consultant https://yasiransari.me
