Dear users and security aware people, we have a great announcement. The new version of OWASP Seraphimdroid is published with some very interesting breakthrough features. If you liked OWASP Seraphimdroid before, now you will probably love it. We have improved machine learning aided permission scanner, new settings scanner, improved SMS interceptor, improved application locker, and some more. OWASP organized OWASP Code Summer Sprint, where OWASP Seraphimdroid participated as one of the project. Student that was proposed some and was selected to develop improvements on OWASP Seraphimdroid was Kartik Kohli. I had opportunity to mentor him as OWASP Seraphimdroid project leader. So let’s start explaining the major improvements.
If you are not aware or do not know what features
…
Follow my blog with Bloglovin
Today I have to make one very important announcement. The first version of OWASP Serpahimdroid has been officially published. It is now publicly available in Google play store (https://play.google.com/store/apps/details?id=org.owasp.seraphimdroid). I would like to tell a bit of the background of this project and describe some main features here.
It has been about a year ago when I started this project. I had an idea about building quite simple android security application that would not rely on some large database or some malware labs, but rather protect users trough a set of heuristics that will at the first place prevent them from loosing a money trough detecting if some malicious application is trying
…
About 2 months ago I started thinking about creating Android security application. I was looking where the other application are weak, since there are a lot of android device protection and anti malware application available on Google play. Thing I found that most of those application don’t use application permissions as indicator that some other application is malicious. Other thing I also found is that a lot of features, that are quite easy to develop are premium. As I was looking for project to train myself, and help others to train developing android security tools that had not that luck to be employed by some anti virus company, I decided to create open source project. There will be no other
…
Finily I got some time to write about open source community in Serbia that I am leading. I hope it will help also a bit to make it more popular and also I hope it will give some advices to new OWASP chapter leaders or people who want to create some technical community. Feel free to comment also if you have some advices for us.
Question that is offen asked. Especially in countries like Serbia where web security is not well covered topic. So let’s start from the basics.
The Open Web
…
Today I have tried to set up GameOver.iso, one of many interesting live linux environement that is meant to be training tool for learning about web application security. I must admit that I like it, altrough I had a little problems and confusion in start. Actually it is linux live CD that set up web server with vulnerable web applications that you can try to hack. As I had used some of the linux distributions that are ment to be training environement like OWASP live CD, I expected also some graphical environement. Tried startx command from console, but nothing happened. Then I learned that it just starts server, and you had to access vulnerable websites from other machine via
…