Nithin R Profile picture
Oct 20 11 tweets 4 min read
Venturing into Mobile Application Pentesting?

Checkout these frequently used tools and upskill your game.

🧵👇

#bugbounty #mobilehacking #infosec #cybersecurity #hacking
1️⃣ Frida: A dynamic instrumentation toolkit for developers, reverse engineers, and security researchers

Link: frida.re
2️⃣ Android Debug Bridge (adb):

Android Debug Bridge (adb) is a versatile command-line tool that lets you communicate with a device.

Link: developer.android.com/studio/command…
3️⃣ Burpsuite: The most elegant and well designed proxy for intercepting requests and much more.

Link: portswigger.net/burp
4️⃣ Apktool: A tool for reverse engineering 3rd party, closed, binary Android apps.

Link: ibotpeaches.github.io/Apktool/
5️⃣ dex2jar: Tool to conver .dex to .class files.

Link: github.com/pxb1988/dex2jar
6️⃣ JD-GUI: A standalone graphical utility that displays Java sources from CLASS files.

Link: github.com/java-decompile…
7️⃣ MobSF: Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.

Link: github.com/MobSF/Mobile-S…
8️⃣ Ghidra: A software reverse engineering (SRE) suite of tools developed by NSA's Research Directorate in support of the Cybersecurity mission.

Link: ghidra-sre.org
🌟 Do you use any other tools that is not mentioned above?

🔽 Let the world know in the comments below.
That's a wrap!

If you enjoyed this thread:

1. Follow me @thebinarybot for more of these
2. RT the tweet below to share this thread with your audience

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Nithin R

Nithin R Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @thebinarybot

Oct 20
JSON Web Tokens (JWTs) explained - Part 10 of the "Understanding the Internet" series.

🧵👇

#bugbounty #infosec #cybersecurity #hacking
🔴 What is it?

JSON Web Tokens, also known as JWTs, is one of the most commonly used mechanisms to authenticate an entity. A JSON Web Token has 3 main components - header, payload and a signature.
🔴 What does each component do?

The first two components, i.e. the header and the payload have a defined structure and purpose whereas the signature is dependent on the algorithm that's used for encrypting the token. In cases where there's no encryption, this field is omitted.
Read 11 tweets
Oct 20
63.58% of internet users use Google Chrome and there are about 137,000 Google Chrome extensions available in store.

Here are 7 extensions that you definitely install right now to be more productive.
1️⃣ @ScribeHow

Auto-generate step-by-step guides for FREE.

Scribe saves any team 20+ hours a month with instant process documentation, complete with text and screenshots.

Link: rb.gy/kigkqt
2️⃣ Forest

Use Forest to stay focused. Visualize your progress and stay motivated!

Link: rb.gy/u5cv3w
Read 9 tweets
Oct 20
Got imposter syndrome?

Don't worry, let's use it our advantage.

Wondering how? Read the thread below.

🧵👇

#productivity #growth #impostersyndrome
👍 Using the Imposter syndrome as motivation

The imposter syndrome is the belief that your achievements at work are unworthy of you and that you will eventually be revealed as a fraud. Imposter syndrome sufferers believe it is detrimental to their achievement.
However, the actions that "imposters" do to make up for their self-doubt might improve their performance at work and inspire them to exceed their counterparts who are not imposters in terms of interpersonal skills.
Read 13 tweets
Oct 19
Working on Windows Privilege Escalation?

Here are some must-check resources that might help you.

🧵👇

#redteaminig #WindowsPrivilegeEscalation #infosec #cybersecurity #hacking
1️⃣ Tool: WinPEAS

WinPEAS is a script designed to enumerate the target system and find attack vectors that can help you escalate your privilege.

Link: rb.gy/lcaeol
2️⃣ Tool: PrivescCheck

This script aims to enumerate common Windows configuration issues that can be leveraged for local privilege escalation. It also gathers various information that might be useful for exploitation and/or post-exploitation.

Link: rb.gy/ecocnv
Read 10 tweets
Oct 19
Being busy all time leads to bad decisions.

Know why? Read below.

🧵👇
🔵 Chronically Busy

People who are overworked and stressed out usually destroy their work-life balance by bringing work home with them or worrying excessively about unfinished tasks, which causes stress.
People who are constantly busy feel squeezed for time and stressed out, which reduces their attention and cognitive capacity.
Read 11 tweets
Oct 18
Need FREE labs to practice mobile app pentesting?

Don't worry, I got you covered!

Checkout 5 FREE labs below to smash those bugs in mobile applications and earn $$$$.

🧵👇

#androidPentesting #iOSPentesting #mobilePentesting #bugbounty #labs
Read 7 tweets

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Don't want to be a Premium member but still want to support us?

Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us on Twitter!

:(