🔥The 9th Round of Easy Loan, Earn $40 Reward is in progress❗️ ⏰ Promotion Period: January 15th - Feburary 15th, 2025 👉 Register now and check more details at gate.io/campaigns/358

Are you willing to share your mobile security knowledge? Or are you experienced in creating threat models? We are looking for volunteers for the OWASP mobile threat model project! (please RT)

#Android #Security Workshop material for the #CyberTruck Challenge is out. Thanks to NowSecure and #CyberTruck organizers for the experience. Glad to help automotive students on mobile security. github.com/nowsecure/cybe…. Go and smash the crackme!

Are you excited to learn about the “Reds & Blue’s of #android #security” #nullsg will be conducting a full fledged workshop on the 22nd of February. Details coming soon ... #infosec #MobileSecurity

Join Shiv Sahni & Tony Thomas conducting a #nullsg workshop on "The Reds and Blues of an #Android Application" on the 22nd of February. RSVP now: meetup.com/Null-Singapore… #MobileSecurity #infosec #security

Thought of being little productive this weekend, wrote a story on (in)securities related to the mingling of Deep Link and Webview in Android application. link.medium.com/KlclxAxGO5 #applicationSecurity #mobileSecurity #androidSecurity #androidWebview #infosec #bugbounty #appsec

The Zaheck of Android Deep Links! #MobileSecurity #AndroidSecurity medium.com/@shivsahni2/th…

Wrote this python utility to perform passive enumeration on Android binaries. Hope this would be useful in #bugbounty #pentest and #redteam ops. medium.com/@shivsahni2/ap… #infosec #appsec #mobilesecurity #androidsecurity #securityengineer #securityautomation

You might have heard of conventional Subdomain Takeovers. Are you aware of AWS NS Takeover? Have a look at NSDetect, a python utility to detect AWS NS Takeover. medium.com/@shivsahni2/ns… #bugbounty #cloudSecurity #awsSecurity #infosec #devsecops #infraSecurity

#hardcodedSecret is one of the most common security issue identified during #secureCodeReview Wrote a blog to talk about the problems associated with #insecure #SecretManagement and the basic requirements of an effective #secretManager #devOps #infosec medium.com/@shivsahni2/is…

#ApkEnum now also identifies the Google Maps API Keys hardcoded in the Android binary. #mobileSecurity #reverseEngineering #bugBounty github.com/shivsahni/APKE…

Do you know #okHttp retains headers during redirection? This could lead to leakage of users' auth tokens in #android apps. I wrote this blog to cover tech aspects of it. #appsec #bugbounty #bugbountytips #androidSecurity #mobileSecurity #cybersecurity medium.com/bugbountywrite…

Exciting news: I will be the teaching the very fist bootcamp about iOS Security at Pentester Academy! Register now to be in the first batch that starts already in December 🥳

Very disappointed with your customer support H&M Singapore H&M You delivered a wrong product and since August 2020 and I’m struggling with your team to get refund 😓 #poorcustomerservice

Wrote a story on a common Mobile Security Engineering Problem. SSL Pinning & AWS Certificate Manage! link.medium.com/bcaKDEzHngb #cyberSecurity #appsec #applicationsecurity #mobileSecurity #devOps #securityEngineering #sslpinning #owasp #secOps #security #aws #acm #sslcert

#HITB2021SIN Securing Webviews and The Story Behind CVE-2021–21136 - Imdadullah Mohammed & Shiv Sahni - conference.hitb.org/hitbsecconf202…

I along with Shiv Sahni will be presenting our talk "Securing Webviews and The Story Behind CVE-2021–21136" at #HITB2021SIN on 27th Aug. #MobileSecurity x.com/HITBSecConf/st…

📢 In this Ekoparty | Hacking everything talk, Imdadullah Mohammed (Imdad) & Shiv Sahni (Shiv Sahni) will discuss common webview related security issues & how they discovered CVE-2021-21136 🔥 which allowed sensitive data leakage to 3rd parties via HTTP request headers. Join us at #Eko2021! 🙌