How I Uncovered Multiple Vulnerabilities in My Alma Mater’s Campus App

The article details an authorized penetration test of a university campus app, revealing sensitive data leakage, horizontal and vertical privilege escalation, face‑photo tampering, and a stored XSS flaw, each demonstrated step‑by‑step with packet captures and screenshots.

information leakagemobile app securitypenetration testing

0 likes · 6 min read

How I Uncovered Multiple Vulnerabilities in My Alma Mater’s Campus App

Top Architect

Jan 19, 2022 · Information Security

Penetration Testing Walkthrough: Bypassing Invitation Code and Accessing the Backend of a Mobile App

This article details a step‑by‑step penetration testing process where the author captures network traffic from a mobile app, enumerates hidden API endpoints, exploits injection flaws to retrieve backend credentials, examines upload validation, and ultimately gains admin access while highlighting the challenges faced.

API enumerationSQL injectionmobile app security

0 likes · 7 min read

Penetration Testing Walkthrough: Bypassing Invitation Code and Accessing the Backend of a Mobile App

Java Backend Technology

Mar 16, 2021 · Information Security

Inside the Fake WeChat App That Promotes Porn: Hidden Mechanics Unveiled

Security researchers dissect the counterfeit “Le Bao” app that mimics WeChat, revealing its covert QR‑code group‑joining, custom decoding, member‑paid porn livestreams, embedded payment methods, server infrastructure, and illicit profit models, highlighting its high concealment and the need for aggressive mitigation.

cybercrimeinformation securitymalware analysis

0 likes · 15 min read

Inside the Fake WeChat App That Promotes Porn: Hidden Mechanics Unveiled