📱 Android Security & Reverse Engineering YouTube Curriculum
This community-curated curriculum brings together hundreds of hours of high-quality Android security research from conferences such as Black Hat, DEF CON, OffensiveCon, CCC, USENIX, ShmooCon, and BSides. Topics cover Android exploitation, reverse engineering, malware analysis, kernel and GPU attacks, baseband security, Bluetooth vulnerabilities, WebView exploitation, mobile forensics, hardware hacking, and supply chain security.
Whether you're interested in Android bug hunting, mobile malware research, exploit development, or reverse engineering, this collection provides a structured roadmap from application-level vulnerabilities to advanced hardware and kernel exploitation techniques.
🔗 https://t.co/QsjLk7qcRS
#AndroidSecurity #ReverseEngineering #MobileSecurity #MalwareAnalysis #BugBounty
After 6 months of extensive research, I have finally published a new blog post! It describes the journey from breaking into my router using a couple of command injections to finding and exploiting a remote heap overflow in a MediaTek kernel driver :D
https://t.co/FeOrZm0fPa
We’ve reviewed hundreds of submissions for 8kSec Battlegrounds.
But we haven’t reviewed yours yet 🧐
8kSec Battlegrounds offers free mobile and AI security labs designed to challenge your skills across different difficulty levels.
‣ Hands-on scenarios.
‣ Progressive challenges.
‣ Certificate upon successful completion.
Ready to test your skills?
https://t.co/LKsEH5m8Ld
Keep learning with @8kSec. Follow us for more security resources!
Our second blog post is out here: https://t.co/mUjTMFpVqN ! We managed to install arbitrary APKs on the Samsung Galaxy S25 from an app without install permissions. For this, @SachaKozma did most of the work, but it was great looking into Samsung's cloud gaming component with him
Chapter 2 of the ARM hypervisor series is out.
We go over taking ownership of the page tables, memory configuration, copying the current tables, verifying that everything is squared away before committing to the switch.
https://t.co/NZwETYsnQn
less than three days left until the start of TRX CTF!
get ready for:
- two kernel pwn challenges
- browser shenanigans
- a *real* x86 challenge
- reversing a kernel module
make sure to register and fight for a spot in the finals in Italy!
https://t.co/knB1TkmHcf
My kinda hot take on the Mythos stuff is really that there is so little money in offensive research that it's still not really that hard to find bugs. These AI companies are operating with budgets that make the entire offensive research of all big tech combined look like a joke
Chapter 1 of the ARM hypervisor series is out.
Topics:
* allocate runtime memory
* read the .efi from disk via UEFI protocols
* parse the PE/COFF headers to call the entry point
* fix up what the loader would have done.
https://t.co/BPDURlIrPn