|
Web Socket (WS)
|
WebSocket Traffic |
100 |
January 2nd, 3:49:04 PM
|
|
Web Socket Secure (WSS)
|
WebSocket Traffic |
100 |
January 2nd, 3:41:40 PM
|
|
2FA - OTP Leakage
|
Authentication |
100 |
January 2nd, 3:37:52 PM
|
|
Predictable Initialization Vector
|
Symmetric Encryption |
100 |
January 2nd, 3:34:32 PM
|
|
AES
|
Symmetric Encryption |
100 |
January 2nd, 3:12:43 PM
|
|
2FA - Status Code Manipulation
|
Authentication |
100 |
January 2nd, 12:16:27 PM
|
|
Emulator Default IP Check
|
Emulator detection |
100 |
January 2nd, 12:14:04 PM
|
|
Check Package Name
|
Emulator detection |
100 |
January 2nd, 12:13:15 PM
|
|
Debug Flag
|
Emulator detection |
100 |
January 2nd, 12:12:29 PM
|
|
Virtual Phone Number
|
Emulator detection |
100 |
January 2nd, 12:11:43 PM
|
|
Su Exists
|
Root Detection |
100 |
January 2nd, 12:09:56 PM
|
|
Test Keys
|
Root Detection |
100 |
January 2nd, 12:08:56 PM
|
|
BusyBox Binary
|
Root Detection |
100 |
January 2nd, 11:57:42 AM
|
|
SSTI
|
Web Application |
100 |
January 2nd, 11:21:04 AM
|
|
Potentially Dangerous Apps
|
Root Detection |
100 |
January 2nd, 11:01:21 AM
|
|
QR Code
|
Miscellaneous |
100 |
March 13th, 2:41:07 PM
|
|
KeyStore
|
Insecure Data Storage |
100 |
December 6th, 2:36:04 PM
|
|
GPS Location
|
Device ID |
100 |
December 6th, 2:16:47 PM
|
|
2FA - Integrity Validation
|
Authentication |
100 |
December 5th, 3:05:15 PM
|
|
2FA - Response Manipulation
|
Authentication |
100 |
December 5th, 2:34:07 PM
|
|
Dangerous Props
|
Root Detection |
100 |
December 5th, 2:03:36 PM
|
|
Hardware Specifications
|
Emulator detection |
100 |
December 5th, 2:00:27 PM
|
|
Emulator Files Check
|
Emulator detection |
100 |
December 5th, 1:57:12 PM
|
|
Device ID based detection
|
Emulator detection |
100 |
December 5th, 1:55:00 PM
|
|
Network Operator Name
|
Emulator detection |
100 |
December 5th, 1:51:50 PM
|
|
QEmu Detection
|
Emulator detection |
100 |
December 5th, 1:49:48 PM
|
|
International mobile subscriber identity (IMSI)
|
Device ID |
100 |
December 5th, 12:33:28 PM
|
|
IMEI/ESN
|
Device ID |
100 |
December 5th, 12:31:53 PM
|
|
Device Wi-Fi MAC
|
Device ID |
100 |
December 5th, 12:25:12 PM
|
|
SSAID/ANDROID_ID
|
Device ID |
100 |
December 5th, 12:23:21 PM
|
|
SQLite Databases (Encrypted)
|
Insecure Data Storage |
100 |
December 5th, 11:40:10 AM
|
|
Clipboard
|
Insecure Data Storage |
100 |
December 5th, 11:33:38 AM
|
|
Native Function Call
|
Binary Protection |
100 |
December 5th, 11:22:05 AM
|
|
Backdoor7
|
Miscellaneous |
100 |
December 5th, 11:08:42 AM
|
|
Backdoor5
|
Miscellaneous |
100 |
November 1st, 8:52:47 PM
|
|
Backdoor6
|
Miscellaneous |
100 |
November 1st, 8:26:58 PM
|
|
Backdoor3
|
Miscellaneous |
100 |
November 1st, 8:14:03 PM
|
|
Backdoor1
|
Miscellaneous |
100 |
November 1st, 8:05:40 PM
|
|
Hardcoded Secret
|
Binary Protection |
100 |
November 1st, 7:53:39 PM
|
|
RPATH
|
Binary Protection |
100 |
November 1st, 7:53:01 PM
|
|
File System Expose
|
Content Providers |
100 |
November 1st, 7:37:34 PM
|
|
SQL Injection
|
Content Providers |
100 |
November 1st, 7:33:13 PM
|
|
RW System
|
Root Detection |
100 |
November 1st, 7:27:12 PM
|
|
Su Binary
|
Root Detection |
100 |
November 1st, 7:25:32 PM
|
|
Root Cloaking Apps
|
Root Detection |
100 |
November 1st, 7:23:07 PM
|
|
Root Management Apps
|
Root Detection |
100 |
November 1st, 7:20:18 PM
|
|
XPATH Injection
|
Web Application |
100 |
November 1st, 6:43:42 PM
|
|
JSON to XXE (Blind)
|
Web Application |
100 |
November 1st, 6:31:02 PM
|
|
Backdoor2
|
Miscellaneous |
100 |
November 1st, 9:08:40 AM
|
|
Backdoor4
|
Miscellaneous |
100 |
November 1st, 9:06:43 AM
|
|
RSA
|
Asymmetric Encryption |
100 |
October 31st, 7:30:29 PM
|
|
Blowfish
|
Symmetric Encryption |
100 |
October 31st, 7:28:37 PM
|
|
RC4
|
Symmetric Encryption |
100 |
October 31st, 7:27:46 PM
|
|
3DES
|
Symmetric Encryption |
100 |
October 31st, 7:27:11 PM
|
|
Unrestricted File Upload
|
Web Application |
100 |
August 19th, 11:55:44 AM
|
|
XXE
|
Web Application |
100 |
August 19th, 10:58:07 AM
|
|
Encoding - Hashing
|
Web Application |
100 |
August 19th, 10:26:06 AM
|
|
OTP Bruteforce
|
Web Application |
100 |
August 19th, 10:16:19 AM
|
|
Client Side Validation Bypass
|
Web Application |
100 |
August 19th, 9:55:45 AM
|
|
Memory
|
Insecure Data Storage |
100 |
August 18th, 3:07:32 PM
|
|
External Storage
|
Insecure Data Storage |
100 |
August 18th, 2:34:30 PM
|
|
Activity data
|
Insecure Data Storage |
100 |
August 18th, 2:32:47 PM
|
|
2FA - OTP Brute-Force
|
Authentication |
100 |
August 18th, 10:49:28 AM
|
|
2FA - OTP Brute-Force 2
|
Authentication |
100 |
August 18th, 10:44:16 AM
|
|
DES
|
Symmetric Encryption |
100 |
August 18th, 10:14:03 AM
|
|
Internal Storage
|
Insecure Data Storage |
100 |
August 17th, 6:01:58 PM
|
|
SQLite Databases (Unencrypted)
|
Insecure Data Storage |
100 |
August 17th, 5:59:26 PM
|
|
Shared Preferences
|
Insecure Data Storage |
100 |
August 17th, 5:57:03 PM
|
|
isDebugger Connected
|
Anti-Debugging |
100 |
August 17th, 5:52:04 PM
|
|
SHA1
|
Hashing |
100 |
August 17th, 5:40:23 PM
|
|
MD4
|
Hashing |
100 |
August 17th, 5:31:04 PM
|
|
MD5
|
Hashing |
100 |
August 17th, 5:26:46 PM
|
|
Server Fingerprint
|
Web Application |
100 |
August 17th, 5:08:45 PM
|
|
User Password Enumeration
|
Web Application |
100 |
August 17th, 5:06:03 PM
|
|
JWT Misconfiguration
|
Web Application |
100 |
August 17th, 4:49:45 PM
|
|
Guessable Session ID
|
Web Application |
100 |
August 17th, 4:47:33 PM
|
|
REST API HTTP Methods
|
Web Application |
100 |
August 17th, 4:39:48 PM
|
|
RFI
|
Web Application |
100 |
August 17th, 4:30:29 PM
|
|
Metafiles - Info Leakage
|
Web Application |
100 |
August 17th, 3:45:46 PM
|
|
RIA Cross Domain Policy
|
Web Application |
100 |
August 17th, 3:43:44 PM
|
|
S3 bucket misconfiguration
|
Web Application |
100 |
August 17th, 2:39:28 PM
|
|
Review comment and Metadata
|
Web Application |
100 |
August 17th, 2:30:49 PM
|
|
Old Backup Files
|
Web Application |
100 |
August 17th, 1:53:14 PM
|
|
SSRF
|
Web Application |
100 |
August 17th, 1:48:05 PM
|
|
JavaScript - Info leak
|
Web Application |
100 |
August 17th, 1:30:12 PM
|
|
HTML5 Controls
|
Web Application |
100 |
August 17th, 12:59:57 PM
|
|
Login bypass
|
Web Application |
100 |
August 17th, 12:57:26 PM
|
|
Bruteforce
|
Web Application |
100 |
August 17th, 12:55:38 PM
|
|
Insecure Direct Object Reference
|
Web Application |
100 |
August 17th, 12:48:33 PM
|
|
Default Credentials
|
Web Application |
100 |
August 17th, 12:32:53 PM
|
|
Caesar Cipher
|
Encryption |
100 |
August 17th, 12:21:45 PM
|
|
Verbose Logs
|
Logs |
100 |
August 17th, 11:45:13 AM
|
|
WTF Logs
|
Logs |
100 |
August 17th, 11:44:40 AM
|
|
Debug Logs
|
Logs |
100 |
August 17th, 11:43:35 AM
|
|
Warnings Logs
|
Logs |
100 |
August 17th, 11:42:57 AM
|
|
Error Logs
|
Logs |
100 |
August 17th, 11:41:57 AM
|
|
Informational Logs
|
Logs |
100 |
August 17th, 11:41:25 AM
|
|
UDP Traffic
|
Non-HTTP Traffic |
100 |
August 17th, 11:29:58 AM
|
|
TCP Traffic
|
Non-HTTP Traffic |
100 |
August 17th, 11:27:58 AM
|
|
HTTPS Traffic
|
HTTP Traffic |
100 |
August 17th, 11:04:30 AM
|
|
HTTP Traffic
|
HTTP Traffic |
100 |
August 17th, 11:04:02 AM
|
|
Sanity Check Flag
|
Sanity Check |
0 |
July 30th, 12:36:23 PM
|