This is a gist used in the following blog posts:
approovm
/ 00-android-bypass-certificate-pinning-and-mitm-attack-setup.md
Last active
April 23, 2024 01:21
Certificate Pinning Bypassing: Setup with Frida, mitmproxy and Android Emulator with a writable file system
approovm
/ approov-2-shapes-api_postman-collection.json
Last active
September 10, 2019 16:56
Approov 2 Shapes API - Postman Collection
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "info": { | |
| "_postman_id": "770bac2a-db1f-412a-870a-ea5328cdcebc", | |
| "name": "Approov 2 - Shapes API", | |
| "schema": "https://schema.getpostman.com/json/collection/v2.1.0/collection.json" | |
| }, | |
| "item": [ | |
| { | |
| "name": "http://localhost", | |
| "item": [ |
approovm
/ 00-Securing-Https-With-Certificate-Pinning-On-android.md
Last active
June 2, 2022 09:42
SECURING HTTPS WITH CERTIFICATE PINNING ON ANDROID
The blog post can be found here.
In this article we will learn what certificate pinning is, when to use it, how to implement it in an Android app, and how it can prevent a MitM attack.
approovm
/ 00-Approov-Integration-in-a-Java-Spring-Stateless-API.md
Last active
June 2, 2022 09:43
Approov integration example using the Java Spring framework for stateless API.
The blog post can be found here
This Approov Integaration example will show us how simple it is to integrate Approov in a stateless API server using Java and the Spring framework.
We will see the requirements, dependencies and a step by step walk-through of the code necessary to implement Approov in a Java Spring stateless API.
approovm
/ 00-README.md
Last active
June 2, 2022 09:43
— forked from Exadra37/00-README.md
Code Snippets for an Approov Integration in a NodeJS Express API as per this blog post http://blog.approov.io/approov-integration-in-a-nodejs-express-api
The blog post can be found here.
This walk-though will show us how simple it is to integrate Approov in a current API server using NodeJS and the Express framework.
We will see the requirements, dependencies and a step by step walk-through of the code necessary to implement Approov in a NodeJS Express API.
approovm
/ 00-README.md
Created
May 1, 2019 14:52
— forked from Exadra37/00-README.md
Gist with all code snippets for this blog post http://blog.approov.io/how-to-extract-an-api-key-from-a-mobile-app-with-static-binary-analysis
You can read the blog post here.
An API key is probably the most common method used by developers to identify what is making the request to an API server, but most developers are not aware how trivial is for a hacker or even a script kid to steal and reuse an API key for unauthorized access to their APIs.
We will see how to grab an API key by reverse engineering the binary of a mobile app in an effective and quick way with an open source tool, and once we see how easy it can be, we will realize why it is even achievable by non developers.
approovm
/ 00-README.md
Last active
June 2, 2022 09:44
— forked from Exadra37/00-README.md
Code Snippets for an Approov Integration in Python Flask API on this blog post http://blog.approov.io/approov-integration-in-a-python-flask-api
The blog post can be found here.
This walk-though will show us how simple it is to integrate Approov in a current API server using Python and the Flask framework.
We will see the requirements, dependencies and a step by step walk-through over the code necessary to implement Approov in a Python Flask API.
approovm
/ 00-WHY-DOES-YOUR-MOBILE-APP-NEED-AN-API-KEY.md
Created
May 1, 2019 14:50
— forked from Exadra37/00-WHY-DOES-YOUR-MOBILE-APP-NEED-AN-API-KEY.md
Blog post code snippets for: WHY DOES YOUR MOBILE APP NEED AN API KEY?
The blog post can fe found here.
Mobile apps are becoming increasingly important in the strategy of any company. As a result, companies need to release new application versions at a fast pace, and this puts developers under pressure with tight deadlines to complete and release new features very quickly.