● 30 entries
Mobile Security
- Android Debug Bridge (ADB)A command-line developer tool, part of the Android SDK, that lets a host computer communicate with an Android device or emulator over USB or TCP to install apps, read logs, and run shell commands.
- Android Keystore SystemAndroid's hardware-backed key container that confines cryptographic key material to a Trusted Execution Environment or StrongBox, exposing keys only by reference and enforcing per-key access policies such as biometric or device-credential gating.
- Android MalwareMalicious software that targets the Android operating system, typically distributed through sideloaded APKs, dropper apps on Google Play, or compromised third-party stores.
- APK RepackagingAn Android attack technique that unpacks a legitimate APK, modifies its code or resources (ads, trackers, malware, license bypass), repacks and re-signs it, then redistributes the trojanized app through unofficial stores or sideload campaigns.
- Apple App AttestApple's iOS / iPadOS / tvOS / watchOS attestation service that lets an app prove to its backend that it is the genuine, App-Store-signed binary running on a real Apple device with Secure Enclave protection.
- Baseband AttackAn exploit against the cellular modem (baseband processor) of a phone, abusing protocol parsing bugs in 2G, 3G, 4G, or 5G stacks to gain code execution before the application OS sees the traffic.
- Bring Your Own Device (BYOD)A workplace model in which employees use their personally owned smartphones, tablets, or laptops to access corporate applications and data.
- Enterprise Mobility Management (EMM)An integrated platform that combines MDM, MAM, identity, content, and access controls to manage mobile devices and apps across an enterprise.
- Frida Dynamic InstrumentationAn open-source dynamic instrumentation toolkit by Ole André Vadla Ravnås that lets researchers hook, trace, and rewrite functions inside running processes on Android, iOS, Windows, macOS, and Linux — the de facto tool for mobile app reverse engineering and bypass research.
- Google Play Integrity APIGoogle's server-side device-and-app attestation API for Android, the successor to SafetyNet Attestation, used by apps to verify they are running on a genuine, unmodified device with the official, Play-distributed binary.
- IMEI (International Mobile Equipment Identity)A 15-digit number that uniquely identifies a mobile device on a cellular network, allocated by the GSMA and used by carriers to block stolen handsets.
- IMSI (International Mobile Subscriber Identity)A 15-digit identifier stored on the SIM or eSIM profile that uniquely identifies a subscriber on a cellular network, made of MCC, MNC, and MSIN fields.
- iOS KeychainApple's encrypted credential store on iOS, iPadOS, and macOS, backed by the Secure Enclave and graded by per-item accessibility classes that bind decryption to device unlock, passcode, biometric, or hardware-bound state.
- iOS MalwareMalicious software targeting Apple iPhones and iPads, including supply-chain attacks on app developers, mercenary spyware, and threats specific to jailbroken devices.
- Jailbreak (iOS)The process of bypassing Apple's code-signing and sandbox restrictions on an iPhone or iPad so the user can install software that Apple has not approved.
- Mobile App PermissionsThe operating-system controls that require user consent before an app can access sensitive resources such as location, microphone, camera, contacts, photos, SMS, or background sensors.
- Mobile App SandboxAn operating-system enforced boundary that limits what files, IPC, and APIs a mobile application can access, so a compromised app cannot easily reach other apps' data.
- Mobile App SecurityThe practice of designing, building, and testing iOS and Android applications to protect user data, prevent reverse engineering, and resist runtime tampering.
- Mobile App Store AttackAn attack that abuses a mobile app distribution channel — Google Play, Apple App Store, OEM stores, or third-party markets — to deliver malicious or repackaged applications to victims.
- Mobile Application Management (MAM)Controls that protect corporate data inside specific mobile applications without taking full management of the underlying device.
- Mobile Device Management (MDM)Software that lets an organization enroll, configure, monitor, and remotely wipe iOS, Android, macOS, and Windows endpoints from a central console.
- Mobile Jailbreak Detection (iOS)Runtime checks an iOS app performs to determine whether the device has been jailbroken — looking for Cydia/Sileo/Zebra files, suspicious URL schemes, write access outside the sandbox, or App Attest disagreement.
- Mobile OTP InterceptionAttacks that capture one-time passwords delivered to a phone, undermining SMS- or app-based two-factor authentication.
- Mobile Root Detection (Android)Defensive checks an Android app runs to determine whether it is executing on a rooted device — typically by probing for su binaries, Magisk files, busybox, dangerous build properties, or hardware-attested integrity verdicts.
- Mobile TLS Pinning BypassThe category of techniques used to disable certificate pinning in a mobile app — typically via Frida or Objection hooks on platform TLS APIs — so a pen-tester or attacker can run a man-in-the-middle proxy and inspect API traffic.
- Mobile VPNA virtual private network designed for smartphones and tablets, tunnelling traffic from a mobile device to a corporate gateway or a privacy-focused provider over cellular and Wi-Fi links.
- MobSF (Mobile Security Framework)An open-source mobile-app static and dynamic analysis platform supporting Android (APK/AAB), iOS (IPA), and Windows mobile binaries — widely used by AppSec teams as a first-pass scanner against OWASP MASVS/MASTG controls.
- Pegasus Spyware (NSO Group)A commercial mobile spyware developed by the Israeli company NSO Group that infects iOS and Android phones, often through zero-click exploits, and exfiltrates messages, calls, location, and microphone data.
- Predator Spyware (Intellexa)Commercial mobile spyware developed by Cytrox and marketed by the Intellexa consortium, used by government customers against journalists, opposition politicians, and civil society on iOS and Android.
- Rooting (Android)Gaining unrestricted superuser (root) privileges on an Android device, bypassing the protections enforced by the Linux kernel, SELinux, and the Android verified boot chain.