Module 1

Topics: DAC, MAC, UID, GID, AID, Application Sandbox


Topics: Architecture, Type Enforcement, Modes, Rules, Security labels


Topics: Signing Goals and Objectives, Google Play signing, Signature Schemes


Topics: Protected APIs, Permission Assignment and Categories, Fingerprint, GateKeeper, Keystore, Encryption, Verified boot

SLIDES (external)

Module 2

The main motivation behind this article was a recent (9/2021) twitter post from @elhackernet about SARA aka a Simple Android Ransomware Attack software. As I am kinda obsessed with malware applications, I downloaded the sample and started digging around.

Here is what I found…

Once upon a time in AndroidLand

There was a time when life…

Many people who are starting to work with the Android OS are having difficulties to understand the application sandbox concept. This usually leads to misconceptions in respect to data and resource sharing between the apps which by its turn leads to unsubstantial findings and false security alarms.

The main objective…

Don’t get me wrong but I couldn’t find more appropriate title in order to describe the specific vulnerability.

I don’t know what happens when it comes to your sexual life, but I can assure you that in software development even the smallest neglect matters. …



Overlays are not something new in IT Security. Actually, the “Cloak & Dagger” which is based on these techniques is still considered as one of the most popular attacks that affected the Android Operating System [1]. But this is just the tip of the iceberg, since overlays are used by…


Security Researcher, former Camel Rider, developer of

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store