This talk will dive into commonly overlooked mobile vulnerability areas that will benefit bug bounty participants. The Android Inter Process Communication (IPC) model will be explained, and how IPC implementation flaws could allow non rooted devices to gain code execution within an app. Additionally, the talk will dive into a few ways how individuals with web application hacking skills can dive into the mobile bug bounty domain: embedded javascript within the app, javascript enabled activities, and authentication/authorization techniques.
Get Started with Bugcrowd
Every minute that goes by, your unknown vulnerabilities leave you more exposed to cyber attacks.