deep links
Preventing Deep Link Hijacking When it comes to preventing Deep Link Hijacking, the message is simple: stop using Scheme URLs and start using (properly verified) App Links or Intent URLs. [If you're lost maybe you should go back to Part 1] As of August 2021 only about 6%
android
So .. what else can we do with deep links? Local File Inclusion (LFI) In part 2 we saw how to achieve LFI via the WebView.loadUrl method. In this part we'll explore an alternative that doesn't require the application to contain a WebView. Let's
android
In this part, we're going to start to answer the question: "What can you do if you can trick a user into clicking a malicious deep link?" Let's go back to the ABC Bank example. ABC Bank has both a web and an Android
android
Deep links are an often overlooked way to exploit Android applications. In this series I hope to do a deep dive into their history, common vulnerabilities with real-life examples, possible mitigations, and testing techniques for pentesters and researchers. In this first part, we do a quick overview of the supported