{"id":13577825,"url":"https://github.com/WindXaa/Android-Vulnerability-Mining","last_synced_at":"2025-04-05T15:31:31.096Z","repository":{"id":37386108,"uuid":"480633169","full_name":"WindXaa/Android-Vulnerability-Mining","owner":"WindXaa","description":"Android APP漏洞之战系列，主要讲述如何快速挖掘APP漏洞","archived":false,"fork":false,"pushed_at":"2023-02-03T10:55:49.000Z","size":51,"stargazers_count":612,"open_issues_count":1,"forks_count":88,"subscribers_count":9,"default_branch":"main","last_synced_at":"2024-11-05T15:48:01.943Z","etag":null,"topics":["android","vulnerable-mining"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/WindXaa.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2022-04-12T03:01:15.000Z","updated_at":"2024-11-04T07:24:57.000Z","dependencies_parsed_at":"2023-02-18T06:01:21.354Z","dependency_job_id":null,"html_url":"https://github.com/WindXaa/Android-Vulnerability-Mining","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/WindXaa%2FAndroid-Vulnerability-Mining","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/WindXaa%2FAndroid-Vulnerability-Mining/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/WindXaa%2FAndroid-Vulnerability-Mining/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/WindXaa%2FAndroid-Vulnerability-Mining/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/WindXaa","download_url":"https://codeload.github.com/WindXaa/Android-Vulnerability-Mining/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247358754,"owners_count":20926279,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["android","vulnerable-mining"],"created_at":"2024-08-01T15:01:24.667Z","updated_at":"2025-04-05T15:31:30.646Z","avatar_url":"https://github.com/WindXaa.png","language":"Python","readme":"# Android Vulnerability Mining\n\u003e 本文整理了Android APP 漏洞挖掘学习的帖子，主要为Android APP漏洞之战，相关附件存放在知识星球：安全后厨\n\n\n===========================================================\n\n# 《Android APP漏洞之战系列》\n\n## （1）工具篇\n\n- [01.Android APP漏洞挖掘三板斧——drozer+Inspeckage(Xposed)+MobSF](https://bbs.pediy.com/thread-269196.htm)\n- [02.Android APP漏洞之战（0）——打造Windows端Android安全工具包](https://mp.weixin.qq.com/s/-HrAwWqPdMQZZ8VYcvsukw)\n- [03.Android APP漏洞之战（15）——非root环境下的hook、抓包、脱壳](https://bbs.pediy.com/thread-275552.htm)\n- [04.Android APP漏洞之战（16）——新漏洞挖掘工具三件套](https://mp.weixin.qq.com/s?__biz=MzI3MDQ1NDE2OA==\u0026mid=2247487564\u0026idx=1\u0026sn=ba311de5fa67cc99de8885f7dc8d2de3\u0026chksm=ead18cbbdda605ad34e32a9ef7ff45a64e89dbe5aa54118d4588d11e82465607e6b5fea91f4f\u0026token=318214511\u0026lang=zh_CN#rd)\n\n## （2）技巧篇\n\n- [01.Android APP漏洞之战（10）——调试与反调试详解](https://bbs.pediy.com/thread-272452.htm)\n- [02.Android 常用Hook技术方案详解](https://bbs.pediy.com/thread-272870.htm)\n- [03.Android APP漏洞之战（11）——整体壳脱壳技巧详解](https://bbs.pediy.com/thread-273293.htm)\n- [04.Android APP漏洞之战（14）——Ollvm混淆与反混淆](https://mp.weixin.qq.com/s/lcyIakgOcNQaFBn5bfnwrg)\n\n## （3）基础篇————四大组件漏洞篇\n\n- [01.Android APP漏洞之战（1）——Activity漏洞挖掘详解](https://bbs.pediy.com/thread-269211.htm)\n- [02.Android APP漏洞之战（2）——Service漏洞挖掘详解](https://bbs.pediy.com/thread-269255.htm)\n- [03.Android APP漏洞之战（3）——Broadcast Recevier漏洞详解 ](https://bbs.pediy.com/thread-269309.htm)\n- [04.Android APP漏洞之战（4）——Content Provider漏洞详解](https://bbs.pediy.com/thread-269447.htm)\n\n## （4）进阶篇1————基本配置漏洞篇\n\n- [01.Android APP漏洞之战（5）——权限安全和安全配置漏洞详解](https://bbs.pediy.com/thread-269988.htm)\n- [02.Android APP漏洞之战（7）——信息泄露漏洞详解](https://bbs.pediy.com/thread-271122.htm)\n\n## （5）进阶篇2————网络漏洞挖掘篇\n\n- [01.Android协议分析（四）——Http/Https中间人攻击APP升级劫持漏洞:解析CNVD-2021-40179和CNVD-2021-45684](https://bbs.pediy.com/thread-268464.htm)\n- [02.Android APP漏洞之战（6）——HTTP/HTTPs通信漏洞详解](https://bbs.pediy.com/thread-270634.htm)\n- [03.Android APP漏洞之战（9）——验证码漏洞挖掘详解 ](https://bbs.pediy.com/thread-272270.htm)\n\n## （6）进阶篇3————SQL、XSS、文件上传漏洞篇\n- [01.Android 漏洞之战（12）————Sql漏洞初探](https://bbs.pediy.com/thread-273613.htm)\n\n## （7）进阶篇3————APP重大漏洞分析篇\n\n- [01.Android APP漏洞之战（8）——插件化漏洞和解压缩漏洞详解](https://bbs.pediy.com/user-home-905443.htm)\n- [02.Android APP漏洞之战（13）——Webview漏洞详解](https://bbs.pediy.com/thread-273867.htm)\n\n\n## 未完待续\n\n===========================================================\n\n## 相关附件，存放在知识星球，欢迎加入知识星球——安全后厨\n\n\u003cimg  src=\"https://images.weserv.nl/?url=https://article.biliimg.com/bfs/article/98a3b3b41f43053e7bed3a2240bfb4bad89830e9.png\"\u003e\n\n考虑加群的广告号太多，需要加微信群朋友，加小编微信，回复:安全后厨\n\n![640](https://tva3.sinaimg.cn/wap360/006jP03Oly1h7zufjtez2j30tu14fjur.jpg)\n\n\n","funding_links":[],"categories":["Python","安卓Android","漏洞扫描"],"sub_categories":["网络服务_其他"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FWindXaa%2FAndroid-Vulnerability-Mining","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FWindXaa%2FAndroid-Vulnerability-Mining","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FWindXaa%2FAndroid-Vulnerability-Mining/lists"}