An introduction into how existing popular rooting frameworks can be customised to provide a more stealthy alternative. This post highlights the importance of setting up a streamlined Android environment for security testing. In addition, I walk through an open source tool I wrote for modifying one of these frameworks that makes it virtually undetectable using conventional methods.
A basic overview of the new biometric APIs introduced in Android 10. This showcases a basic example using Crypto Objects, talk about the new biometric architecture, and some of the inherent risks introduced as a result.