search
    Security expand_more
    Security chevron_right

    Offensive & defensive security insights.

    Blockchain
    Web3 and smart contract vulnerabilities.
    Cloud Security
    Infrastructure and network defense.
    Cryptography
    Encryption algorithms and principles.
    Forensics
    Digital investigation and analysis.
    Governance Risk and Compliance
    Policies, standards, and risk management.
    Hack the Box
    Offensive security practice and writeups.
    Identity and Access Management
    IAM architectures and principles.
    Mobile Security
    Securing iOS and Android applications.
    Network Security
    Protecting network infrastructure.
    Payment Card Industry Data Security Standard
    PCI DSS compliance.
    Security Operations
    Monitoring and incident response.
    Threat Intelligence
    Analyzing cyber threats.
    Vulnerabilities
    Common security flaws and mitigations.
    Web Security
    Securing web applications and APIs.
    Open Source Intelligence (OSINT)
    Open Source Intelligence (OSINT)
    Technical Deep Dive into OSINT and Dual-Perspective Strategies
    Learn more chevron_right
    Engineering expand_more
    Engineering chevron_right

    Scalable systems & modern engineering.

    Algorithms & Data Structures
    Core computer science concepts.
    Database Systems
    SQL, NoSQL, and data modeling.
    DevOps & Automation
    CI/CD and infrastructure code.
    Programming Fundamentals
    Language syntax and best practices.
    SysOps & Infrastructure
    System administration and scaling.
    System Design & Architecture
    Designing scalable applications.
    UI/UX & Frontend Foundations
    Advanced CSS animations and modern frontend principles.
    Frontend & UI/UX Terminology: The Visual Language of the Web
    Frontend & UI/UX Terminology: The Visual Language of the Web
    Frontend & UI/UX Terminology: The Visual Language of the Web
    Learn more chevron_right
    AI & ML expand_more
    AI & ML chevron_right

    Generative AI & LLM architectures.

    AI Agents & Automation
    Multi-agent systems, orchestration, and AI-driven development workflows.
    GenAI
    Generative models and applications.
    Machine Learning
    Data processing and predictive models.
    Security Considerations for AI Agents
    Security Considerations for AI Agents
    Security Considerations for AI Agents
    Learn more chevron_right
    Career expand_more
    Career chevron_right

    Interview tips & career strategies.

    Certificates
    Professional certifications and study guides.
    Interview
    Preparation and technical interviews.
    Post-Interview
    Next steps and negotiations.
    Automating OSCP Reports
    Automating OSCP Reports
    Automating OSCP and Penetration Testing Reports
    Learn more chevron_right
    Personal expand_more
    Personal chevron_right

    Identity, philosophy & personal growth.

    Identity
    Personal reflections and identity.
    Life Information
    Useful tips and life hacks.
    Philosophy
    Thoughts and philosophical discussions.
    The world of hacker
    The world of hacker
    요즘에는 배워야 할 것들이 너무 많아서 압박감을 느낄 정도이다보니 이런 글을 쓰게 되었다. 나의 시간은 제한적인데 무엇을 배워야할지, 어디에 시간을...
    Learn more chevron_right
    Tools expand_more
    Tools chevron_right

    Hand-picked toolkits & tech tutorials.

    Exploitation
    Tools for offensive security.
    Reconnaissance
    Information gathering tools.
    Operating System
    OS-level tools and utilities.
    Jekyll
    Static site generation.
    Forensics Tools
    Digital forensics utilities.
    ELK
    Elasticsearch, Logstash, and Kibana.
    Waybackurls
    Waybackurls
    Waybackurls: Discovering Forgotten Paths for Reconnaissance
    Learn more chevron_right
    Security
    Mobile Security

    Android Pentesting Note

    ·

    Android Penetration Testing Notes

    Android penetration testing requires a methodical approach across static analysis, dynamic analysis, and network traffic inspection. The notes below capture key techniques and commands used in practice.

    Environment Setup

    Starting Frida Server on Device

    1

    adb shell "su -c 'cd /data/local/tmp && ./frida-server-17.2.6-android-arm64'"

    This command uses ADB (Android Debug Bridge) to:

    1. Open a shell on the connected device.
    2. Execute as root (su -c).
    3. Navigate to the standard working directory for pentest tools on Android (/data/local/tmp).
    4. Start the Frida server binary for arm64 architecture.

    The Frida server must be running on the device before any Frida scripts can attach to processes from the host machine. The binary name includes the version and architecture — always match the server version to the Frida client version installed on the host.

    Reference

    1

    adb shell "su -c 'cd /data/local/tmp && ./frida-server-17.2.6-android-arm64'"

    Related Posts

    Open Source Intelligence (OSINT)
    Security

    Open Source Intelligence (OSINT)
    OpenCTI
    Security

    OpenCTI
    Cyber Kill Chain
    Security

    Cyber Kill Chain
    Key Roles in Data Governance and System Security
    Security

    Key Roles in Data Governance and System Security