Tweets from June 2014

@br3akth3lim1t the latest version from git should work properly

2:02pm June 30th 2014 via Falcon Pro in reply to br3akth3lim1t

@kapitanpetko @hubert3 @TeamAndIRC not sure if practical for an attack, but he could potentially receive/read GCM messages from the app

10:38am June 30th 2014 via Falcon Pro in reply to kapitanpetko

From Zygote to Morula: Fortifying Weakened ASLR on Android - [PDF] http://t.co/x2V9ak8pBd via @revskills

6:53am June 30th 2014 via Falcon Pro

RT @obilodeau: Nice quote from #reconmtl "reverse-enginering obfuscated code is like peeling an onion, you cry more at each layer you unwrap" #recon14

8:26pm June 29th 2014 via Falcon Pro

RT @tkHWANG: Genymotion | Installing ARM Translation and GApps http://t.co/xhelofYGto from XDA forum.

5:00pm June 29th 2014 via Falcon Pro

RT @Techmeme: Serious Android crypto key theft vulnerability affects 86% of devices (@dangoodin001) http://t.co/pxnUBCjSPV http://t.co/KpfuR1hj2d

9:55am June 29th 2014 via Falcon Pro

RT @rallat: android sdk tools rev 23 is missing proguard. There is issue opened with a workaround https://t.co/eUEQHkdEuB #androiddev

9:47am June 29th 2014 via Falcon Pro

RT @Joshua_Brindle: @uglypackets @droidsec @dfullerto @pof SELinux is simple, systems are complex. Last attempt to 'simplify', SMACK approaching selinux complex

12:26am June 29th 2014 via Falcon Pro

RT @ochsff: Is TIMA now also coming to Nexus 5 with Android L?

4:32pm June 28th 2014 via Falcon Pro

RT @gynvael: At #ndh2k14, looking forward to "Retro arcade protection & hacking combating evasive malware" talk - sounds epic!;) http://t.co/ByDuzQ2ALl

8:11am June 28th 2014 via Falcon Pro

RT @uglypackets: @dfullerto @pof I still think selinux is the wrong technology. Vendors already screwing it up. Too complex.

8:11am June 28th 2014 via Falcon Pro

RT @Fuzion24: Some inflight wifi(s) give unauth'ed axx to *.google.com (for analytics). Tunnel traffic through *.google via meek https://t.co/Ksx1GcqKxZ

7:48am June 28th 2014 via Falcon Pro

RT @dfullerto: Knox to be part of #Android. #TrustZone isolated microOS waking up to verify SELinux policy for perso/work seperation http://t.co/HS50XhmfRb

7:46am June 28th 2014 via Falcon Pro

RT @Technologeeks: Dump dexdump: Dexter - DEX reverse engineering tool, from Levin's #Android #internals book - http://t.co/cHOdxPK1KO http://t.co/l3AltSbKxR

7:45am June 28th 2014 via Falcon Pro

RT @djrbliss: Good for security, bad for compatibility: Android L linker doesn't run non-PIE executables, but Android < 4.1 doesn't support PIE at all.

11:44pm June 27th 2014 via Falcon Pro

RT @kapitanpetko: @pof @StackSmashing Key is protected/managed by TZ, used in combination w/ scrypt. No details known ATM though.

4:46pm June 27th 2014 via Falcon Pro

@kapitanpetko @StackSmashing quick test with 'cryptfs veryfypw' says the pin is incorrect, used to protect boot but not for FDE key

4:30pm June 27th 2014 via Falcon Pro in reply to kapitanpetko

RT @kapitanpetko: FDE password entry, now with rate limiting. #android http://t.co/nIOndmb0g2

4:10pm June 27th 2014 via Falcon Pro

RT @matthew_d_green: The Bitcoin Robin Hood is my new favorite person on the Internet. http://t.co/1TsRpHqURd

4:09pm June 27th 2014 via Falcon Pro

RT @thierryzoller: Setting up a dynamic Android testbed Part II: Inspecting and modifying traffic http://t.co/omHw5alks8

3:39pm June 27th 2014 via Falcon Pro

nice, encrypted my Android L device and it didn't force me to set a pin/password. So, FDE not derived from lockscreen method anymore :)

11:07am June 27th 2014 via Twitter Web Client

RT @ChainfireXDA: Fix SuperSU on L: copy /system/etc/install-recovery,sh to /system/bin/install-recovery.sh from recovery. Can't update the ZIP from abroad...

8:25am June 27th 2014 via Falcon Pro

RT @kapitanpetko: So FDE in Android L does not require a password/PIN. Discuss :)

8:24am June 27th 2014 via Falcon Pro

RT @kapitanpetko: @jduck @karimyaghmour @pof Looks like it: $ seinfo sepolicy |grep Permis Permissives: 1 (was 42 in KK)

7:42am June 27th 2014 via Falcon Pro

RT @alsutton: This looks dangerous - "Task locking - "…a new task locking API that lets you temporarily restrict users from leaving your app.." #androidL

12:57am June 27th 2014 via Falcon Pro

RT @karimyaghmour: Android Auto runs the apps on the phone and remotely displays them on your car over Open Accessory protocol via USB: https://t.co/neEI3fFO3z

7:54pm June 26th 2014 via Falcon Pro

RT @alsutton: #Android L Preview site has been updated. Images for N5 & N7 are available from http://t.co/ANRIHne9cC

7:47pm June 26th 2014 via Falcon Pro

RT @alsutton: New #AndroidDev tools are out, update to get access to get the L preview tools for API level 20 (yes, 20) http://t.co/wzGyrJ2Z5k

4:50pm June 26th 2014 via Falcon Pro

RT @pwntester: About to start my talk on how to find missing authorization checks using static analysis. Live stream at: https://t.co/3lQX8EXvqa

4:48pm June 26th 2014 via Falcon Pro

RT @utoprime: #towelroot v3 is now live. New feature, modstrings. Opens up possibility of supporting even more devices. http://t.co/LoWrmnAXEC

4:27pm June 26th 2014 via Falcon Pro

RT @kapitanpetko: Finally useful feature in Google Play Services -- ability to update the crypto provider native library. Very handy for dealing with OpenSSL

4:24pm June 26th 2014 via Falcon Pro

RT @tkeetch: I've now posted the slides from my talk on NFC The Non-Radio Bits. http://t.co/HsEgQ1zHwj (cc: @DC4420 @xa329 @rfidiot @nmonkee )

7:13am June 26th 2014 via Falcon Pro

@saidelike @4Dgifts @karimyaghmour AOSP now doesn't allow to set permissive on user builds - https://t.co/sOH0vxBIga

9:41pm June 25th 2014 via Falcon Pro in reply to saidelike

@4Dgifts @karimyaghmour Samsung did it in 4.3 for Knox, but "vanilla" Android had it on Enforcing by default since 4.4

9:38pm June 25th 2014 via Falcon Pro in reply to 4Dgifts

@saidelike yes, they announced it on the keynote

9:37pm June 25th 2014 via Falcon Pro in reply to saidelike

@karimyaghmour 4.4+ already has Enforcing mode by default

9:07pm June 25th 2014 via Falcon Pro in reply to karimyaghmour

RT @AndroidPolice: [I/O 2014] Numerous Enterprise-Related Security Enhancements Are Slated For The L Release, Including Samsung KNOX... http://t.co/q1RllIvQUr

8:58pm June 25th 2014 via Falcon Pro

wow Samsung contributed KNOX to Android!

5:57pm June 25th 2014 via Twitter Web Client

RT @jr_raphael: Big question: Will TV manufacturers and automakers be responsible for rolling out future Android OS updates? Let's hope not. #io14

5:36pm June 25th 2014 via Twitter Web Client

RT @alsutton: Note: Water resistant, not Waterproof #ImportantDifference - “@AndroidPolice: All Android smartwatches are water resistant.”

5:31pm June 25th 2014 via Twitter Web Client

RT @alsutton: Lots of #AndroidWear devices available later today from @GooglePlay.... but in which countries? #AreYouGlobal

5:18pm June 25th 2014 via Twitter Web Client

RT @googledevs: I/O 14 is Live. @sundarpichai just stepped on stage, to welcome a room full of 6,000 developers in Moscone. https://t.co/PzbSkqkXkC #io14

4:18pm June 25th 2014 via Twitter Web Client

Watch google IO 2014 live keynote - https://t.co/sm9Eu4LsSI

4:11pm June 25th 2014 via Twitter Web Client

Free kindle edition: "Android on x86: An Introduction to Optimizing for Intel Architecture" - http://t.co/qZejpoQ4S7

4:00pm June 25th 2014 via Twitter Web Client

@ibelmonte it's a standard Android zoom feature (mostly used by devices without multitouch screen), try it on maps, bowser, gallery, etc...

3:45pm June 25th 2014 via Falcon Pro in reply to ibelmonte

RT @duosec: Duo Security researchers uncover bypass of #PayPal’s two-factor authentication http://t.co/gT3tes1gT7 #2FA

2:43pm June 25th 2014 via Falcon Pro

RT @kapitanpetko: About EncryptedPasswd in GLS. Includes some guesswork, but on the right track, mostly. http://t.co/6nYhsSXtuK

4:31pm June 24th 2014 via Falcon Pro

RT @Fuzion24: Android MSM Unprivileged GPU command IOMMU page tables (CVE-2014-0972) partial POC: https://t.co/8p6ws4v8ou

4:28pm June 24th 2014 via Falcon Pro

RT @virqdroid: RootGuard: Protecting Rooted Android Phones - http://t.co/gUg8HoCQj3 - https://t.co/baiTqIApcm

4:26pm June 24th 2014 via Falcon Pro

Mediatek-based phones shut down and reset upon receiving an SMS text message containing an equal symbol '=' - http://t.co/CAGL3vZt4A

4:16pm June 24th 2014 via Falcon Pro

RT @revskills: the story of CVE-2014-0972 Fire TV, http://t.co/KhxSKxY0N3

9:51am June 24th 2014 via Falcon Pro

RT @Fuzion24: Android KeyStore Stack Buffer Overflow (CVE-2014-3100) http://t.co/VKw53Xrx5l was in CTS for awhile: https://t.co/UtcHBWBqJM

9:40am June 24th 2014 via Falcon Pro

RT @kutyacica: New CAF advisory: CVE-2014-0972 unprivileged GPU command streams can change the IOMMU page table https://t.co/hxnVuHqP1P

9:30am June 24th 2014 via Falcon Pro

RT @TeamAndIRC: there goes ones of hte firetv roots https://t.co/yF4J0BBvey

9:30am June 24th 2014 via Falcon Pro

RT @IBMSecurity: Public Vulnerability Disclosure: Stack-Based Buffer Overflow in the #Android KeyStore Service http://t.co/ETsr7pcsz9 http://t.co/xmyUhp5Lua

9:27am June 24th 2014 via Falcon Pro

RT @TeamAndIRC: SunShine S-OFF for modern HTC Devices (HTC m8, etc). Works on "whelp" devices http://t.co/EsRbFPxWMR

9:24am June 24th 2014 via Falcon Pro

RT @TeamAndIRC: I'll be covering multiple, non-publicly disclosed, Motorola, HTC, OnePlus etc bootloader vulns and how to exploit them in Vegas. Fun stuff!

6:43am June 23rd 2014 via Falcon Pro

RT @RedragonX: Did you know that using * in a terminal is dangerous? Me and @DefuseSec figured out how to abuse it to execute code. https://t.co/9Iq2R9R5rw

6:42am June 23rd 2014 via Falcon Pro

An introduction to gikdbg.art (aka Android Ollydbg) attaching Towelroot - http://t.co/SkQN6iDHxO

6:33am June 23rd 2014 via Falcon Pro

RT @xdadevelopers: AOSP Commits Reveal Change to API Level Naming Convention http://t.co/m43AJoYgbI

7:50pm June 22nd 2014 via Falcon Pro

RT @gdssecurity: Getting started with Mobile Substrate for dynamic hooking on Android apps? Check out our latest blog post http://t.co/jwWgpeYqz9

7:32pm June 22nd 2014 via Falcon Pro

RT @quequero: How the new Android RunTime (ART) works: http://t.co/qsnDW47fuz

9:40pm June 21st 2014 via Falcon Pro

RT @grsecurity: Kernel patch to automatically set a random MAC whenever an interface is brought up (where supported): https://t.co/6AETECfNst

9:36pm June 21st 2014 via Falcon Pro

RT @GabrielGonzalez: New Post! "Inertial Sensor Side Channel: Guessing Your Unlock Code" http://t.co/0DvFrxL45c #security #embedded

4:05pm June 21st 2014 via Falcon Pro

RT @Accuvant: New blog post from @jduck, "Android Hacker’s Handbook Crowd Sourced Q & A Session," http://t.co/BRzEpHvlmR

9:10am June 21st 2014 via Falcon Pro

RT @0xroot: PlayDrone - A Google Play Crawler - https://t.co/SZJJ8d4T5N

6:44pm June 20th 2014 via Falcon Pro

RT @saidelike: towelroot v2 works on the HTC one (M7) with HTC_Europe_4.19.401.9 firmware (cc @Cubsfan365)

6:44pm June 20th 2014 via Falcon Pro

RT @ochsff: It is beyond careless that the Nexus 5 4.4.4 factory image release does not fix CVE-2014-3153.

6:42pm June 20th 2014 via Falcon Pro

RT @mylifeasaloser: Android security weaknesses caused by performance design identified http://t.co/lPM4xtyAXi

6:41pm June 20th 2014 via Falcon Pro

RT @utoprime: #towelroot V2 is now live. Faster root.. no reboot needed.. s'nice. http://t.co/O6r0YgcT3n

6:40pm June 20th 2014 via Falcon Pro

RT @AndroidPolice: Changelog Posted For Android 4.4.3 (KTU84M) To 4.4.4 (KTU84P), Just Security Fixes http://t.co/Jben86FVK2

6:35pm June 20th 2014 via Falcon Pro

RT @todb: This week's @Metasploit update is out with another #Android exploit: https://t.co/R6UTW1f0w4

6:32pm June 20th 2014 via Falcon Pro

RT @timstrazz: regarding PlayDrone: https://t.co/03ukIAQCyP "whoops!"

6:27pm June 20th 2014 via Falcon Pro

RT @cryptax: "PlayDrone the first scalable Google Play store crawler" hmmm. At least I know Lookout had one. Even wrote a paper on it with @timstrazz !

5:41pm June 20th 2014 via Falcon Pro

RT @ibrahimbalic: do you need android samples? click the link bellow ;) ftp://r3dd1t:123123@androidsandbox.net #AndroidSandbox

10:37am June 19th 2014 via Twitter Web Client

Android Anti-forensics: Modifying CyanogenMod - (PDF) http://t.co/peW4sMxS5e via @marcograss

10:35am June 19th 2014 via Twitter Web Client

RT @xdadevelopers: BREAKING: Next Major Version of Android to Finally Remove Dalvik and Set ART as Default http://t.co/UFSAC9ha2k

8:20am June 19th 2014 via Falcon Pro

RT @Mobile_Sec: Setting up a dynamic Android testbed Part I: Emulated vs physical devices http://t.co/cUdPt5uHrg

5:28pm June 18th 2014 via Falcon Pro

Code Injection Attacks on HTML5-based Mobile Apps [Paper http://t.co/P9P2LMfxlM | Slides http://t.co/kEbYkP74Br ]

7:35am June 18th 2014 via Twitter Web Client

A First Look at Firefox OS Security (PDF) [Paper http://t.co/cmzhKByaTZ | Slides http://t.co/FLIopSIHb4 ]

7:33am June 18th 2014 via Twitter Web Client

A Systematic Security Evaluation of Android's Multi-User Framework [Paper http://t.co/9rSwW20xtT | Slides http://t.co/HupxKZmMFu ]

7:32am June 18th 2014 via Twitter Web Client

Andlantis: Large-scale Android Dynamic Analysis (PDF) - http://t.co/MbWaWJK4eI

7:30am June 18th 2014 via Twitter Web Client

Enter Sandbox: Android Sandbox Comparison (PDF) [Paper http://t.co/8U0D4AWCd4 | Slides http://t.co/OXb4qagA7D ]

7:29am June 18th 2014 via Twitter Web Client

An Application Package Config. Approach to Mitigating Android SSL Vulns [Paper http://t.co/EHK50Zya2x | Slides http://t.co/H7mVSpKcAu ]

7:27am June 18th 2014 via Twitter Web Client

Sprobes: Enforcing Kernel Code Integrity on the TrustZone Architecture (PDF) [Paper http://t.co/xhuhISkh4P | Slides http://t.co/Utd4ri4Km5 ]

7:24am June 18th 2014 via Twitter Web Client

RT @TeamAndIRC: No major phone manufacturer is vulnerable to the new QCom signing vulnerability, anyone telling you otherwise is a moron

7:18am June 18th 2014 via Falcon Pro

RT @kutyacica: CVE-2014-0973 applicability of course will depend on OEM customization of bootloaders.

7:11am June 18th 2014 via Falcon Pro

Incomplete signature parsing in LK during boot image authentication leads to signature forgery (CVE-2014-0973) - https://t.co/sw5tOE1yIl

7:10am June 18th 2014 via Falcon Pro

RT @ZIMPERIUM: Detection of TowelRoot & Exploits of CVE-2014-3153 on mobile devices http://t.co/Y3or5QWD3y

7:07am June 18th 2014 via Twitter Web Client

RT @timstrazz: #Mobile ASM level debugger based on OllyDbg/GDB/LLVM #iOS #Android http://t.co/WEnPRGPP3K Almost makes me want to find a win box

9:15pm June 16th 2014 via Falcon Pro

RT @trufae: I have made available all my FxOS apps to all supported platforms. Now you can use rax2, hass, nimi ali and more on Android and Desktop too!

8:49pm June 16th 2014 via Falcon Pro

rax2 FirefoxOS app by @trufae running on Android :) http://t.co/lHI5F2EL4c

8:49pm June 16th 2014 via Falcon Pro

RT @trufae: Code to create a JD-GUI error /via irc http://t.co/He80nK3Oly

10:07pm June 15th 2014 via Falcon Pro

RT @aramosf: simple scripts to make sure your web server is configured correctly under HTTPS: http://t.co/VcZjk7S7QK

10:03pm June 15th 2014 via Falcon Pro

RT @xdadevelopers: Fix the New Google Play Store Permissions System Using Xposed http://t.co/MuuxSIoiPN

9:53pm June 15th 2014 via Falcon Pro

Geohot's #towelroot uses CVE-2014-3153 (Linux kernel futex local privilege escalation) - http://t.co/KAO0YvOiCo

6:28pm June 15th 2014 via Twitter Web Client

@MordodeMaru tethered suele ser mas "seguro" ya q no lo pueden usar los autores d malware (dsd una app, sin estar conectado al PC).

6:05pm June 15th 2014 via Twitter Web Client in reply to MordodeMaru

@MordodeMaru un método publicado para rootear el terminal

5:49pm June 15th 2014 via Falcon Pro in reply to MordodeMaru

@MordodeMaru permite rootear varios terminales para los q no habia root público hasta ahora. Además es "untethered" (no requiere adb shell).

5:35pm June 15th 2014 via Twitter Web Client in reply to MordodeMaru

Geohot's #towelroot: root every Android phone with a kernel build date < Jun 3 2014 - http://t.co/KAO0YvOiCo

5:23pm June 15th 2014 via Twitter Web Client

@oriolrius el Safont estaria orgullós :P

11:31am June 15th 2014 via Falcon Pro in reply to oriolrius

RT @binitamshah: Android Sandbox - Automated Malware Analysis & Reverse-Engineering : http://t.co/Ism1BEcOp5

3:20pm June 14th 2014 via Falcon Pro

RT @TeamAndIRC: Another exploit for the vold/asec vulnerability http://t.co/oWZROKyZjs, very neat implementation

8:30pm June 13th 2014 via Falcon Pro

RT @mikko: Tomorrow is the 10th anniversary of the first mobile phone virus ever (Cabir): http://t.co/ikTvWduI6d http://t.co/HTN4zZnlAU

8:27pm June 13th 2014 via Falcon Pro

Run FirefoxOS apps on Android - https://t.co/0sRcWaf3UR

8:05pm June 13th 2014 via Falcon Pro

@julianvilas @deese me comentan que @dmedianero también se dejo las perras en la recreativa en su día... ya tenemos para torneo online! :P

10:54am June 13th 2014 via Falcon Pro in reply to julianvilas

@julianvilas @deese me he enterado que repartisteis leña con #StreetFighter en la malcon, unos vicios online? http://t.co/Fc2Brorcj8 ;-)

10:48am June 13th 2014 via Falcon Pro

RT @VAguileraDiaz: @pof nos va a exponer su ámplia experiencia en reversing y protección de aplicaciones #Android #OWASPSpain8 http://t.co/XxrQJLp3HF

10:23am June 13th 2014 via Falcon Pro

@Jortfal gracias, me alegro que te haya gustado :)

10:22am June 13th 2014 via Falcon Pro in reply to Jortfal

@NN2ed_s4ur0n @Seifreed @ggdaniel jajaja no es para tanto, q lo de hoy era sencillito :D

10:21am June 13th 2014 via Falcon Pro in reply to NN2ed_s4ur0n

RT @ChainfireXDA: Here's some source patches to Omni for randomized MAC Wi-Fi scanning http://t.co/6mHBrBqDSH ...

1:20am June 13th 2014 via Falcon Pro

RT @nmonkee: "Putting JavaScript Bridges into (Android) Context” ref: CVE-2012-6636 http://t.co/VsCX83f9P9. Context FTW \o/ http://t.co/KKZjsF5PFf

1:17am June 13th 2014 via Falcon Pro

Slides ready for #OWASPSpain8, see you in a few hours at @OWASPSpain :)

12:53am June 13th 2014 via Twitter Web Client

new on AOSP: only allow disabling SELinux on userdebug / eng builds - https://t.co/sOH0vxBIga

6:48pm June 12th 2014 via Twitter Web Client

RT @r_netsec: 15 minutes until @jduck, @quine, @s7ephen, @pof, @collinrm, & @ochsff join us for an Android security AMA.

5:52pm June 12th 2014 via Twitter Web Client

RT @XipiterSec: Join @ochsff @jduck @s7ephen @collinrm @pof @quine for the Android Hacker's Handbook AMA on Reddit 06/12 at 11am PST https://t.co/V6NUh0RL3N

8:54pm June 11th 2014 via Falcon Pro

RT @viaforensics: Upcoming Reddit AMA with @pof @jduck @collinrm @ochsff @s7ephenand, also Pau's preso at OWASP Spain... https://t.co/DokIu7QO7a

5:06pm June 11th 2014 via Twitter for Websites

Will be doing a Reddit AMA on /r/netsec tomorrow - https://t.co/8h27zdkmj5 and speaking at OWASP Spain on friday - https://t.co/137pin3WIL

1:58pm June 11th 2014 via Twitter Web Client

RT @r_netsec: The Android security AMA with the authors of the Android Hacker's Handbook is tomorrow (June 12th) at 11am PDT. - https://t.co/eG1pUTBd6W

1:49pm June 11th 2014 via Twitter Web Client

RT @AndroidTamer: a Quick infogram about various obfuscation engine available for android. http://t.co/n6bdEsTtBd

9:54am June 11th 2014 via Twitter Web Client

@1lio @mercemolist @Blackhold_ lol :-) segur que sería molt mes divertida una talk del Gerardo :P

8:46pm June 10th 2014 via Twitter Web Client in reply to 1lio

Latest @google screw up: What latest changes to Play Store app means for privacy - http://t.co/9fT8Xkt2sm

6:10pm June 10th 2014 via Twitter Web Client

@roman_soft felicidades!! lo mismo para ti :D

6:09pm June 10th 2014 via Falcon Pro in reply to roman_soft

RT @ChainfireXDA: Some more musings about Wi-Fi tracking and MAC changing - https://t.co/cwfCa48B4p

6:03pm June 10th 2014 via Falcon Pro

RT @kapitanpetko: Looks like CM now supports a separate device encryption password. #GreatSuccess http://t.co/pG5cLXXbgK

11:07am June 10th 2014 via Falcon Pro

RT @kapitanpetko: Updated the backup extractor to handle 4.4.3 archives (ver2). Still easier to do w/ OpenSSL if not encrypted. https://t.co/GkguozbXSm

11:03am June 10th 2014 via Falcon Pro

RT @ChainfireXDA: On the state of Pry-Fi - https://t.co/Vv5HcWlBJl ( also @thegrugq )

8:44am June 9th 2014 via Falcon Pro

RT @FredericJacobs: iOS 8 randomises the MAC address while scanning for WiFi networks. Hoping that this becomes an industry standard. https://t.co/oGsZMtydUo

5:39am June 9th 2014 via Falcon Pro

RT @javutin: Make your ugly bash one-liners look like a piece of engineered software! http://t.co/pDl9nz1GIn

6:54am June 7th 2014 via Falcon Pro

RT @todb: Just a quick demo of the #Android WebView AddJavascriptInterface bug on KitKat using the @Maxthon browser: https://t.co/1iCmVHRbWz

6:27am June 6th 2014 via Falcon Pro

@gnumax me alegro que te guste, un saludo :)

6:23am June 6th 2014 via Falcon Pro in reply to gnumax

IDA Pro 6.6 includes a dalvik debugger, tutorial: [PDF] https://t.co/x8eN7480on https://t.co/4GNarqJTuW

8:08am June 5th 2014 via Twitter Web Client

RT @alsutton: 4.4.3_r1* #AOSP kernel sources are out - https://t.co/U6r6REM3s9

6:41am June 5th 2014 via Falcon Pro

Hooker: opensource project for dynamic analysis of Android applications to intercept and modify their API calls - https://t.co/3PZP9OBGlo

9:30pm June 4th 2014 via Falcon Pro

RT @anwarelmakrahy: So finally today Metasploit merged my android reverse_http* payloads into their master repo on Github. Check it at http://t.co/SxXGCP03sX

9:22pm June 4th 2014 via Falcon Pro

RT @timstrazz: *chuckles* looks like most mediatek devices won't pass CTS until the rename their file to "fotabinder2" :) https://t.co/kmAY5Fph3K

9:15pm June 4th 2014 via Falcon Pro

RT @Foundstone: New Blog Post: Debugging Android Applications http://t.co/2v43poHsMw

9:14pm June 3rd 2014 via Falcon Pro

RT @TeamAndIRC: and no, it doesn't work on any device in which the OEM has setup SEAndroid properly (Nexus 5, Samsung, LG G3, Sony Z2 etc)

6:41pm June 3rd 2014 via Falcon Pro

RT @TeamAndIRC: The best known, least talked about Android bug is finally dead, this is the MotoX 4.4.2 root: http://t.co/pC4uwi93Mw

6:41pm June 3rd 2014 via Falcon Pro

[Root 4.4.X] Pie for Motorola devices, vold root exploit by @TeamAndIRC - http://t.co/xVI29Lrj01

6:34pm June 3rd 2014 via Falcon Pro

Local root vulnerability in vold daemon affecting Android <=4.4.2 - http://t.co/HWTvb1OtHB

6:32pm June 3rd 2014 via Falcon Pro

RT @kapitanpetko: @commonsguy Like domain squatting :) The fix in 4.4.3 is only for system permissions: https://t.co/tIDBP7QD3M

2:43pm June 3rd 2014 via Falcon Pro

RT @commonsguy: @kapitanpetko How are you defining "permission squatting"? Do you mean the "first one in wins" problem? https://t.co/aDD2HiEvhx

2:43pm June 3rd 2014 via Falcon Pro

Android keystore key leakage between security domains (4.0 to 4.4.2 devices without lock PIN, passphrase or pattern)- http://t.co/qNoFoNu3dB

2:38pm June 3rd 2014 via Falcon Pro

@angealbertini are the slides of your area41 retro gaming talk up somewhere? #MissedItAndCantDieToSeeIt

2:25pm June 3rd 2014 via Falcon Pro in reply to angealbertini

RT @HenryHoggard: Android 4.4.3 has fixed my Secure USB Debugging & Lock Screen Bypass, Post Coming Soon!

11:08am June 3rd 2014 via Falcon Pro

RT @saidelike: NFC host card emulation samples (reader + writer) for Android https://t.co/aKjrj9S1j1 cc @FlUxIuS

6:53am June 3rd 2014 via Falcon Pro

RT @filmaj: FYI @saucelabs opensourced a node wrapper around android's adb https://t.co/mY5NtLv1K0 used by @AppiumDevs, basically useful internals OS'ed

6:50am June 3rd 2014 via Falcon Pro

RT @funkyandroid: We've released the commit log for the difference between Android 4.4.3 r1 (KTU84L) and 4.4.2 r1 (KOT49H) : https://t.co/tE1dG23LVh

6:49am June 3rd 2014 via Falcon Pro

RT @kapitanpetko: So Android 4.4.3 fixes permission squatting and (maybe) simultaneous VPNs should work now.

3:59am June 3rd 2014 via Falcon Pro

RT @AndroidPolice: Android 4.4.3 Now Live In AOSP http://t.co/Q2RQXt9S9A

3:54am June 3rd 2014 via Falcon Pro

RT @AndroidPolice: Android 4.4.3 Factory Images And Binaries For Nexus 4, Nexus 5, Nexus 7, And Nexus 10 Are Out http://t.co/O1X2h7o2IX

3:53am June 3rd 2014 via Falcon Pro

@tanomattioli gracias, me alegro que te sea útil :) un saludo!

8:30am June 2nd 2014 via Falcon Pro in reply to tanomattioli

@ProtomCannon what's your email to report a security issue in http://t.co/iUzPwxxDd6? I tried your old vmware & inkblot@srk but both bounce.

7:40am June 2nd 2014 via Twitter Web Client

RT @r_netsec: Featured AMA: Android Hacker's Handbook Authors - June 12th, 11:00am PDT - https://t.co/iztgtAQzTM

8:08am June 1st 2014 via Falcon Pro

RT @ChainfireXDA: Wave goodbye to writable /system on stock rooted Android, and say hello to more forced custom kernel/recovery use - https://t.co/lMuVhUTOuJ

7:33am June 1st 2014 via Falcon Pro

RT @Hfuhs: Android Hacking and Security, Part 7: Attacks on Android WebViews - http://t.co/6O151QDg8c

7:26am June 1st 2014 via Falcon Pro