Blog

Stay up to date with Payatu blog

Blog

Stay up to date with Payatu blog

Close the overlay

I am looking for
Please click one!

11/04/2020

How We Hacked an Android Game And Ranked First globally



hrushikesh

How we hacked an Android game to top the global leaderboard without even playing the game. Recently, we came across an Android game of Minesweeper. The game has been nicely developed and was fun t

Read more
08/01/2020

Must have Tools for Your Android Pentesting Toolkit



akansha

6 Must-have Tools for Your Android Pentesting Toolkit Hello, and Welcome everyone! When performing pentesting, either it is the web, network, mobile, or IoT, the most crucial thing the pentester s

Read more
01/01/2019

DIVA (Damn insecure and vulnerable App) is an App intentionally designed to be insecure.

Read more
30/11/2018

“MyMiko” – Responsible Vulnerability Disclosure



Arun-Magesh

This is my another case of a vulnerable IoT device. In my previous blogs, we talked about vulnerabilities there was found in Smart lock and beacons. This one is a fun device, which is made for kids to learn to code and play with it. I don’t have access to the device, so I just checked on the mobile app and found series of vulnerability. These are my findings on a Connected smart toy – MyMiko by Emotix from their Android app. Findings 1: Hard Coded information in the android app It was identified on extracting the android app. several hard-coded information is present. These hard-coded information involves API calls, Web Endpoints and other information which could pose a threat. Steps:

Read more