Writeup and exploit for CVE-2025-22441: Privilege escalation from installed app to SystemUI process on Android due to pass of untrusted ApplicationInfo to LoadedApk

Writeup and exploit for CVE-2024-49746: Android's Parcel::continueWrite closing File Descriptors that are later used

Writeup and exploit for CVE-2024-34740, integer overflow in Android's BinaryXmlSerializer to system_server file write and then to system_server code execution from normal installed app

Exploit for CVE-2022-20452, privilege escalation on Android from installed app to system app (or another app) via LazyValue using Parcel after recycle()

PoC for CVE-2021-39749, allowing starting arbitrary Activity on Android 12L Beta

Writeup and exploit for installed app to system privilege escalation on Android 12 Beta through CVE-2021-0928, a `writeToParcel`/`createFromParcel` serialization mismatch in `OutputConfiguration`

Oversecured Vulnerable Android App

Android apk/sdk Scan包括android apk/sdk 安全审计代码扫描以及国内政策扫描

A runtime mobile application analysis toolkit with a Web GUI, powered by Frida, written in Python.

this unpack script for Android O and Android P

Street Party is a suite of tools that allows the RTP streams of video conferencing implementations to be viewed and modified.

Exploit code for CVE-2018-9411 for MediaCasService

PoCs of Vulnerabilities on Bluedroid

CVE-2017-0806 PoC (Android GateKeeperResponse writeToParcel/createFromParcel mismatch)

PoC code for CVE-2017-13253

Statically compiled ARM binaries for debugging and runtime analysis

practice

This project contains pocs and exploits for android vulneribilities

Contains PoC scripts demonstrating the BlueBorne vulnerabilities

Source code and binaries of FlexiSpy from the Flexidie dump

A bunch of proof-of-concept exploits for the Linux kernel

CVE-2016-5195 (Dirty COW) PoC for Android 6.0.1 Marshmallow