This write-up is about hacking the Razer Pay Android app - an e-wallet app used in Singapore and Malaysia. It was an interesting journey worth blogging about due to the use of some interesting techniques, including Frida, a tool that I only thought was meant for bypassing SSL pinning or root detection.
I quite enjoy external pentests, especially when the scope is large. There has been some really interesting stuff I have found in the past, but in this post I wanted to share a little event that I came across…
“If you are doing a task more than twice? Then, automate it!” I hear that phrase all the time, but don’t often spend time doing it. Well, today’s a good opportunity…
An Activity is one of Android’s app components. It is the screen that the user sees in a mobile app (for example, the settings “screen”, the home “screen”, etc.). A simple app could have one, while more complicated ones could have dozens.
I was recently testing a checkout payment system. It was the type of setup where everything seemed to be locked down and I had no findings for 2 days straight (most likely because I was looking in the wrong place).