Open Security In God we trust, rest we test!


Instamojo Woocommerce Plugin XSS

We are using Instamojo as a payment gateway for Indian customers in our security education platform OpSecX. Instamojo provides a plugin that can be used with WooCommerce. To ensure our customers safety we used...


Reversing DexGuard’s String Encryption

DexGuard is a commercial tool used for protecting android binaries (APK) mainly from reversing and tampering. It provides features like code obfuscation, class encryption, string encryption, asset/resource encryption, tamper protection, anti-debugger checks, VM/Environment checks, SSL...


Mobile Security Framework

Mobile Security Framework (MobSF) is an intelligent, all-in-one open source mobile application (Android/iOS/Windows) automated pen-testing framework capable of performing static and dynamic analysis. It can be used for effective and fast security analysis of...

NodeJsScan 0


Static security code scanner for Node.js applications. Download and Documentation


Security Analysis of Android Web Browsers

We have done the Security Review of commonly used Android Web Browsers. All the APKs were collected from Google Play store. The security analysis was done with the help of an Automated Mobile Security Framework which...


Tizen 2.2.1 WebKit Address Spoofing

This vulnerability was identified on Tizen 2.2.1 default WebKit based browser. PoC: Title: Tizen 2.2.1 WebKit Address Spoofing Vulnerability Author: Ajin Abraham | @ajinabraham Website: Affected Product: Tizen Default Browser Affected Version: Tizen...