└── README.md


/README.md:
--------------------------------------------------------------------------------
  1 | 
  2 | # Android Security & Reverse Engineering YouTube Curriculum
  3 | 
  4 | ## Table of Contents
  5 | 
  6 | 1. [Android Exploits & Attacks](#android-exploits--attacks)
  7 | 2. [Android Permissions & Privileges](#android-permissions--privileges)
  8 | 3. [Android Webviews & Javascript Interfaces](#android-webviews--javascript-interfaces)
  9 | 4. [Android Reverse Engineering & Obfuscation](#android-reverse-engineering--obfuscation)
 10 | 5. [Android Bluetooth Security](#android-bluetooth-security)
 11 | 6. [Payment Systems & ATMs](#payment-systems--atms)
 12 | 7. [Android Malware & Surveillance](#android-malware--surveillance)
 13 | 8. [Android Hardware Vectors](#android-hardware-vectors)
 14 | 9. [Android GPU Attacks](#android-gpu-attacks)
 15 | 10. [Baseband Attacks](#baseband-attacks)
 16 | 11. [Hard-Coded Credentials & Adjacent Attacks](#hard-coded-credentials--adjacent-attacks)
 17 | 12. [Android Kernel Exploits](#android-kernel-exploits)
 18 | 13. [Input Validation & Path Traversal Attacks](#input-validation--path-traversal-attacks)
 19 | 14. [Android Ecosystem & Supply Chain Security](#android-ecosystem--supply-chain-security)
 20 | ---
 21 | 
 22 | ## Android Exploits & Attacks
 23 | 
 24 | - [**Remote, One-Click, Breaking through Smartphones via a Non Well-Known Remote Attack Surface**](https://youtu.be/xITV0DpBVGo?feature=shared)
 25 |   - *Black Hat USA 2024* By: Qinrun Dai Fan Yang, Haikuo Xie  
 26 | - [**Xiaomi The Money : Our Toronto Pwn2Own Exploit & BTS Story**](https://www.youtube.com/watch?v=B0A8F_Izmj0)
 27 |   - *DEFCON 32* by Ken Gannon, Ilyes Beghdadi
 28 | - [**Breaking network crypto in popular Chinese keyboard apps**](https://www.youtube.com/watch?v=RgCI3GOXLr0)
 29 |   - *DEFCON 32* by Jeffrey Knockel, Mona Wang
 30 | - [**Beyond Android MTE: Navigating OEM's Logic Labyrinths**](https://youtu.be/VDhHSCsaByk?feature=shared) 
 31 |   - *OffensiveCon24* by Joffrey Guilbon, Max, Mateusz Fruba and Georgi Geshev
 32 | - [**My other ClassLoader is your ClassLoader: Creating evil twin instances of a class:**](https://www.youtube.com/watch?v=zHAX9WyfViA)
 33 |   - *No Hat 2024* by Dimitrios Valsamaras
 34 | - [**Privacy Detective: Sniffing Out Your Data Leaks for Android**](https://www.youtube.com/watch?v=Krvi3bCXlCA) 
 35 |   - *Black Hat Asia 2024* By Zhengyang Zhou,Yiman He, Ning Wang, Xianlin Wu & Feifei Chen 
 36 | - [**SystemUI As EvilPiP: The Hijacking Attacks on Modern Mobile Devices**](https://youtu.be/47lDlfsji8Y?feature=shared) 
 37 |   - *Black Hat Asia 2024* By WeiMin Cheng & Yue Li
 38 | - [**Attacking Debug Modules In The Android Ecosystem**](https://www.youtube.com/watch?v=3lpMaFVvF64) 
 39 |   - *Black Hat Asia 2024* by Lewei Qu
 40 | - [**Still Vulnerable Out of the Box: Revisiting the Security of Prepaid Android Carrier Devices**](https://youtu.be/mYLa1f6LoLI?feature=shared)
 41 |   - *DEFCON 31* by Ryan Johnson
 42 | - [**The Living Dead: Hacking Mobile Face Recognition SDKs with Non-Deepfake Attacks**](https://www.youtube.com/watch?v=nPE2AjNB2sI) 
 43 |   - *Black Hat USA 2023* by By: Wing Cheong Lau , Kaixuan Luo , Xianbo Wang
 44 | - [**Hacking & Securing Android Applications**](https://youtu.be/WCw-N6lMLI4?feature=shared) 
 45 |   - *OWASP 2023 Global AppSec DC* by Daniel Llewellyn
 46 | - [**SigMorph: Covert Communication Exploiting Android Signing Schemes**](https://www.youtube.com/watch?v=C2qstasV53Y) 
 47 |   - *Nullcon Goa 2023* by by Ayan Saha And Achute Sharma   
 48 | - [**Android Parcels: The Bad, the Good and the Better**](https://www.youtube.com/watch?v=qIzMKfOmIAA) 
 49 |   - *Black Hat Europe 2022* by Hao Ke, Bernardo Rufino, Maria Uretsky, Yang Yang
 50 | - [**Unix Domain Socket: A Hidden Door Leading to Privilege Escalation in the Android Ecosystem**](https://youtu.be/Zi7FKB2AU58?feature=shared) 
 51 |   - *Black Hat Asia 2022* By: Dongxiang Ke, Lewei Qu, Han Yan & Daozheng Lin
 52 | - [**Start Arbitrary Activity App Components as System User: Vulnerability Affecting Samsung Android Devices**](https://youtu.be/SRCiMKlCavs?feature=shared) 
 53 |   - *Black Hat Asia 2022* by Ryan Johnson, Mohamed Elsabagh, Angelos Stavrou
 54 | - [**(UN)protected Broadcasts in Android 9 & 10**](https://youtu.be/nDHPZH20rtE?feature=shared)
 55 |   - *Black Hat Asia 2021* by Ryan Johnson
 56 | - [**TiYunZong Exploit Chain to Remotely Root Modern Android Devices**](https://www.youtube.com/watch?v=K91SrkKt4IQ) 
 57 |   - *Black Hat USA 2020* by Guang Gong
 58 | - [**Android Bug Foraging**](https://www.youtube.com/watch?v=QmcXtfLU1Xw)
 59 |   - *DEF CON 28 Safe Mode AppSec Village* by Pedro Umbelino ,João Morais
 60 | - [**Vulnerable Out of the Box - Evaluation of Android Carrier Devices**](https://www.youtube.com/watch?v=R2brQvQeTvM)
 61 |   - *DEF CON 26* by Ryan Johnson & Stavrou 
 62 | - [**Simple Spyware: Android's Invisible Foreground Services**](https://youtu.be/EuInUW77CPo?feature=shared) 
 63 |   - *Black Hat Europe 2019* by Thomas Sutter and Bernhard Tellenbach
 64 | - [**TR19: Hitting the Gym: The Anatomy of a Killer Workout**](https://www.youtube.com/watch?v=NU13Iktm5ZI)
 65 |   - *TROOPERS19* by Dimitrios Valsamaras
 66 | 
 67 | ## Android Permissions & Privileges
 68 | - [**The Permission Slip Attack, Leveraging a Confused Deputy in Android with 'pSlip'**](https://youtu.be/TdWHsik5DxM?feature=shared)
 69 |   - *Shmoocon 2025* by Edward Warren
 70 | - [**Bypassing Android Permissions From All Protection Levels**](https://www.youtube.com/watch?v=pP5tKT9-I0Y) 
 71 |   - *DEFCON 30* by Nikita Kurtin    
 72 | - [**Permissionless Android Universal Overlays**](https://www.youtube.com/watch?v=Jdhg1Tx8CjQ)
 73 |   - *InsomniHack 2023* by Dimitrios Valsamaras
 74 | - [**Hacking Android Foreground Services Escalation Of Privileges**](https://www.youtube.com/watch?v=3I53IkJpQ6I) 
 75 |   - *Nullcon Goa 2022* by Rony Das
 76 | - [**Dissecting Huawei Mobile Devices**](https://youtu.be/LxoHSrrGaNA?feature=shared)
 77 |   - *HEXACON2022* by Maxime Peterlin & Alexandre Adamski
 78 | - [**Re-route Your Intent for Privilege Escalation: A Universal Way to Exploit Android PendingIntents in High-profile and System Apps**](https://youtu.be/pc8ZKl5XG24?feature=shared)
 79 |   - *Black Hat Europe 2021* by En He
 80 | 
 81 | 
 82 | ## Android Webviews & Javascript Interfaces
 83 | 
 84 | - [**AutoSpill: Zero Effort Credential Stealing from Mobile Password Managers**](https://www.youtube.com/watch?v=t-6YYdbjO7g) 
 85 |   - *Black Hat Europe 2023* by By: Ankit Gangwal , Shubham Singh , Abhijeet Srivastava
 86 | - [**The Tangled Webview - Javascriptinterface Once More**](https://www.youtube.com/watch?v=56sOniHFwVU) 
 87 |   - *Black Hat Asia 2021* by Ce Qin
 88 | - [**Using Android WebViews to Steal All the Files**](https://www.youtube.com/watch?v=NCEQ0QIyicE) 
 89 |   - *Shmoocon 2020* by Jesson Soto Ventura
 90 | 
 91 | ## Android Reverse Engineering & Obfuscation
 92 | - [**The Complexity Of Reversing Flutter Applications**](https://www.youtube.com/watch?v=JNoEUPlgcZk)
 93 |   - *Nullcon Berlin 2024* by Axelle Apvrille
 94 | - [**Beyond Java: Obfuscating Android Apps with Native Code**](https://www.youtube.com/watch?v=wayMcQQZV1U) 
 95 |   - *TROOPERS23* by Laurie Kirk
 96 | - [**Runtime Riddles: Manipulation Points in the Android Source**](https://www.youtube.com/watch?v=Bq7Z3X4xwCE) 
 97 |   - *DEFCON 31* by Laurie Kirk
 98 | - [**The ART of Runtime Based Obfuscation in Android**](https://youtu.be/4fmftgFLo6c?feature=shared) 
 99 |   - *Kernelcon 2023* by Laurie Kirk
100 | - [**Unmasking the Godfather - Reverse Engineering the Latest Android Banking Trojan**](https://youtu.be/jNQmc2REwFg) 
101 |   - *Strange Loop Conference 2023* by Laurie Kirk
102 | - [**Dissecting the Modern Android Data Encryption Scheme**](https://youtu.be/unRFQhkK1DE?feature=shared) 
103 |   - *Recon 2023* by Maxime Rossi and Damiano Melotti
104 | - [**Endoscope: Unpacking Android Apps with VM-Based Obfuscation**](https://www.youtube.com/watch?v=4Rmc1rEyADU) 
105 |   - *Black Hat USA 2023* By: Fan Wu , Xuankai Zhang
106 | - [**ADBHoney: Low interaction honeypot designed for Android Debug Bridge**](https://youtu.be/STElT2ri6K8?feature=shared) 
107 |   - *Android Security Symposium 2020* by Gabriel Cirlig
108 | - [**Securing the System: Reversing Android Pre-Installed Apps**](https://www.youtube.com/watch?v=U6qTcpCfuFc) 
109 |   - *Black Hat USA 2019* by Maddie Stone
110 | - [**CVE-2019-3568 What's Up with WhatsApp A Detailed Walk Through of Reverse Engineer**](https://www.youtube.com/watch?v=tSRosxusw1Y) 
111 |   - *Jailbreak Security Summit 2019* by Maddie Stone
112 |     
113 |  
114 | ## Android Bluetooth Security
115 | - [**Fighting Cavities: Securing Android Bluetooth by Red Teaming**](https://youtu.be/PgnRkL0sd0w?feature=shared) 
116 |   - *OffensiveCon25* by Jeong Wook Oh, Rishika Hooda and Xuan Xing
117 | - [**Deep into Android Bluetooth Bug Hunting: New Attack Surfaces & Code Patterns**](https://www.youtube.com/watch?v=TDSgRWOeS-4) 
118 |   - *Black Hat Europe 2022* by Zinuo Han
119 | - [**Stealthily Access Android Phones: Bypass the Bluetooth Authentication**](https://www.youtube.com/watch?v=6J3weqoiads) 
120 |   - *Black Hat USA 2020* by Sourcell Xu and Xin Xin
121 |     
122 | 
123 | ## Payment Systems & ATMs
124 | - [**Contactless Overflow Code Execution in Payment Terminals & ATMs**](https://www.youtube.com/watch?v=eV76vObO2IM) 
125 |   - *DEFCON 31* by Josep Rodriguez
126 | - [**Turning my virtual wallet into a skimming device**](https://www.youtube.com/watch?v=NGhamH4_CZY) 
127 |   - *DEFCON 31* by Borgogno, Barrionuevo
128 | - [**How an android application can drain your wallet**](https://www.youtube.com/watch?v=O4OoJpbdDl0) 
129 |   - *Bsides Lisbon 2022* by Dimitrios Valsamaras
130 |  
131 | ## Android Malware & Surveillance
132 | - [**Keynote: The Mobile Malware Maze**](https://youtu.be/jCiI52OvtSA?feature=shared)
133 |   - *BruCON 0x0F* by Axelle Apvrille
134 | - [**Unmasking State-Sponsored Mobile Surveillance Malware from Russia, China, and North Korea**](https://www.youtube.com/watch?v=AkNzyvGbB50) 
135 |   - *Black Hat Europe 2024* by Kristina Balaam, Kyle Schmittle & Alemdar Islamoglu
136 | - [**When Malware Becomes Creative - Dimitrios Valsamaras and José Leitão**](https://www.youtube.com/watch?v=kxQmvWj_E5c)
137 |   - *BSides Lisbon 2024* by Dimitrios Valsamaras and José Leitão
138 | - [**Revisiting Stealthy Sensitive Information Collection from Android Apps**](https://youtu.be/tooIp6Wenww?feature=shared) 
139 |   - *Black Hat Asia 2023* by Guangdong Bai, Guangshuai Xia, Qing Zhang
140 | - [**Monitoring Surveillance Vendors: In-the-Wild Android Full Chains in 2021**](https://youtu.be/0Vv5kLj0tz4?feature=shared) 
141 |   - *Black Hat USA 2022* by Xingyu Jin, Richard Neal, Christian Resell, Clement Lecigne
142 | - [**PRC's Use of Mobile Surveillance for Tracking the Uighur population in China and Abroad**](https://youtu.be/33immRynwXA?feature=shared)
143 |   - *CYBERWARCON 2022* by Kristina Balaam
144 | - [**A Deep Dive into Privacy Dashboard of Top Android Vendors**](https://youtu.be/LyWwGqkXtVM?feature=shared) 
145 |   - *Black Hat Europe 2021* by Bin Ma, Xiangxing Qian, Wei Wen & Zhenyu Zhu   
146 | - [**A Mirage of Safety Bug Finding & Exploit Techniques of Top Android Vendor's Privacy Protection Apps**](https://www.youtube.com/watch?v=LKux50LIl7M) 
147 |   - *Black Hat Asia 2021* by Huiming Liu & Xiangqian Zhang
148 | - [**Can You Hear Me Now? Remote Eavesdropping Vulnerabilities in Mobile Messaging Applications**](https://youtu.be/s44K1IBnw4I?feature=shared)
149 |   - *Black Hat USA 2021* by Natalie Silvanovich
150 | - [**#HITBLockdown002 D1T1 - Zen: A Complex Campaign of Harmful Android Apps - Łukasz Siewierski**](https://youtu.be/-G4A3wCOBho?feature=shared)
151 |   - *Hack In The Box Security Conference Lockdown 2021* by Łukasz Siewierski
152 | - [**Android malware targeting Belgian Financial apps**](https://youtu.be/J47pp09sBxA?feature=shared)
153 |   - *BruCON 0x0D 2021* by Jeroen Beckers
154 | - [**Vulnerabilities discovered in Android stalkerware**](https://www.youtube.com/watch?v=jnf8EgLwGsk)
155 |   - *Ekoparty 2021: Mobile Hacking* by Lukas Stefanko
156 | - [**BAD BINDER: Finding an Android in the Wild 0day**](https://youtu.be/TAwQ4ezgEIo?feature=shared) 
157 |   - *OffensiveCon20* by Maddie Stone
158 | - [**Chamois: The Most Impactful Android Botnet of 2018**](https://www.youtube.com/watch?v=J2QBvetsdWc) 
159 |   - *Security Analyst Summit 2019* by Maddie Stone
160 | 
161 | ## Android Hardware Vectors
162 | - [**Hardwear.io NL 2024: Google Nest Wifi Pro Bypassing Android Verified Boot**](https://www.youtube.com/watch?v=NbUYbuOk0wM)
163 |   - *Hardwear.io NL 2024* by Sergei Volokitin
164 | - [**Becoming The Evil Maid: Hacking Android Disk Encryption For Fun And Profit**](https://www.youtube.com/watch?v=atFoYkULz5E)
165 |   - *BSidesMunich 2024* by  David Gstir
166 | - [**Dissecting The Modern Android Data Encryption Scheme**](https://youtu.be/I7_8OMcWPHg?feature=shared)
167 |   - *Hardwear.io NL 2023* by Maxine Rossi 
168 | - [**Physical Attacks Against Smartphones**](https://youtu.be/31xrNuH1RV4?feature=shared)
169 |   - *DEFCON 31* by Christopher Wade
170 | - [**Attack on Titan M, Reloaded: Vulnerability Research on a Modern Security Chip**](https://youtu.be/bCjkAkXiwK4?feature=shared)
171 |   - *Black Hat USA 2022* by: Damiano Melotti , Maxime Rossi Bellom
172 | - [**The Hidden RCE Surfaces That Control the Droids**](https://youtu.be/bCjkAkXiwK4?feature=shared)
173 |   - *Black Hat ASIA 2022* by: By: Qidan He & Juntao Wu
174 | - [**Breaking The Impossible: Bypassing Android's Secure Hardware Backed Attestation**](https://youtu.be/D42av_IfRMA?feature=shared)
175 |   - *BSides Basingstoke 2022* by Joseph Foote
176 |  
177 | ## Android GPU Attacks
178 | - [**The Way to Android Root: Exploiting Your GPU on Smartphone**](https://www.youtube.com/watch?v=Wr1Gio6X-O0) 
179 |   - *Black Hat USA 2024* By: Xiling Gong, Google Xuan Xing, Eugene Rodionov
180 | - [**The Way To Android Root: Exploiting Smartphone GPU**](https://youtu.be/BN07rjaNqXk?feature=shared)
181 |   - *DEFCON 32* by Xiling Gong, Eugene Rodionov
182 | - [**Make KSMA Great Again: The Art of Rooting Android Devices by GPU MMU Features**](https://youtu.be/2qkwSPnQqrU?feature=shared) 
183 |   - *Black Hat USA 2023* By: Yong Wang
184 | - [**Bad io_uring: A New Era of Rooting for Android**](https://www.youtube.com/watch?v=fhx3W1z7YD0) 
185 |   - *Black Hat USA 2023* By: Zhaofeng Chen , Kang Li , Zhenpeng Lin , Xinyu Xing
186 | - [**New Phones, Software & Chips = New Bugs?**](https://youtu.be/KAyfJt0CRVs?feature=shared) 
187 |   - *OffensiveCon23* by Martijn Bogaard
188 | - [**Evils in the Sparse Texture Memory: Exploit Kernel Based on Undefined Behaviors of Graphic APIs**](https://www.youtube.com/watch?v=0IiSbJB-smk) 
189 |   - *Black Hat Europe 2023* by By: Xingyu Jin , Tony Mendez , Richard Neal
190 | - [**Android Universal Root: Exploiting Mobile GPU / Command Queue Drivers**](https://www.youtube.com/watch?v=kEl5qbLZVeY) 
191 |   - *Black Hat USA 2022* by Jon Bottarini, Xingyu Jin, Richard Neal
192 | 
193 | ## Baseband Attacks
194 | - [**No Signal, No Security: Dynamic Baseband Vulnerability Research**](https://youtu.be/zoAITq7jUM8?feature=shared) 
195 |   - *OffensiveCon25* by Daniel Klischies and David Hirsch
196 | - [**Overcoming State: Finding Baseband Vulnerabilities by Fuzzing Layer-2**](https://www.youtube.com/watch?v=mXijb6ckU2c) 
197 |   - *Black Hat USA 2024* by Dyon Goos
198 | - [**How to Hack Shannon Baseband (from a Phone)**](https://youtu.be/quw8SnmMWg4?feature=shared) 
199 |   - *OffensiveCon23* by Natalie Silvanovich
200 | - [**Over the Air, Under the Radar: Attacking and Securing the Pixel Modem**](https://www.youtube.com/watch?v=KnN4NkaGCwE) 
201 |   - *Black Hat USA 2023* by  Xiling Gong , Farzan Karimi , Eugene Rodionov , Xuan Xing
202 | - [**Embedded Threats**](https://youtu.be/5oecn43xsDg?feature=shared) 
203 |   - *OffensiveCon23* by  Markus Vervier
204 | - [**A walk with Shannon: A walkthrough of a pwn2own baseband exploit - Amat Cama**](https://youtu.be/6bpxrfB9ioo?feature=shared)
205 |   - *InsomniHack 2018* by Amat Cama
206 |  
207 | ## Hard-Coded Credentials & Adjacent Attacks
208 | - [**Hacking Trains**](https://www.youtube.com/watch?v=Iq5_YN-QwP8)
209 |   - *Nullcon Berlin 2024* by Jaden Furtado
210 | - [**Hacking Arcades for Fun**](https://www.youtube.com/live/_lB0GKFKoS4?feature=shared&t=14976)
211 |   - *BSides Las Vegas 2024* by Ignacio Navarro
212 | - [**Open, Sesame!" Unlocking Bluetooth Padlocks With Kind Requests - Miłosz Gaczkowski & Alex Pettifer**](https://youtu.be/1JDqhzQCtAA?feature=shared&t=417)
213 |   - *BSides London 2023* by Miłosz Gaczkowski & Alex Pettifer
214 |   
215 | ## Android Kernel Exploits
216 | - [**How to Fuzz Your Way to Android Universal Root: Attacking Android Binder**](https://www.youtube.com/watch?v=U-xSM159YLI) 
217 |   - *OffensiveCon24* by Eugene Rodionov,Zi Fan Tan and Gulshan Singh
218 | - [**LinkDoor: A Hidden Attack Surface in the Android Netlink Kernel Modules**](https://www.youtube.com/watch?v=vqBC_WtDc6Q) 
219 |   - *Black Hat Asia 2024* By Chao Ma, Han Yan & Tim Xia
220 | - [**Game of Cross Cache: Let's win it in a more effective way**](https://www.youtube.com/watch?v=em9qgHm3uIk)
221 |   - *Black Hat Asia 2024* By Le Wu & Qi Zhang
222 | - [**Driving Forward in Android Drivers: Exploring the future of Android kernel hacking.**](https://www.youtube.com/watch?v=3xn_TmTIT4Q&t=9000s)
223 |   - *Shmoocon 2024* by Seth Jenkins
224 | - [**Exploiting Samsung: Analysis of an in-the-wild Samsung Exploit Chain**](https://youtu.be/hIRKYwgcT54?feature=shared)
225 |   - *Ekoparty 2022* by Maddie Stone
226 | - [**Elevating The TrustZone To Achieve A Powerful Android Kernel Exploit**](https://www.youtube.com/watch?v=WXqff23dT5I) 
227 |   - *Nullcon Goa 2022* by Tamir Zahavi 
228 | - [**Racing Against the Lock: Exploiting Spinlock UAF in the Android Kernel**](https://www.youtube.com/watch?v=E3CVDOlcHC4)  
229 |   - *OffensiveCon23* by Moshe Kol
230 | - [**ExplosION: The Hidden Mines in the Android ION Driver**](https://youtu.be/Qh6THzT0fxk?feature=shared)  
231 |   - *Black Hat Asia 2022* by Le Wu, Xuen Li, Tim Xia
232 | - [**Lost in Conversion: Exploit Data Structure Conversion with Attribute Loss to Break Android Systems**](https://youtu.be/14zczmy6U3k?feature=shared)  
233 |   - *USENIX Security 2023* by Rui Li
234 | - [**Attacking the Samsung Galaxy A Boot Chain**](https://youtu.be/WJ7wkJn7l7w?feature=shared)  
235 |   - *OffensiveCon24* by Maxime Rossi Bellom, Damiano Melotti, Raphael Neveu, Gabrielle Viala
236 | - [**Bug Hunting S21’s 10ADAB1E FW**](https://youtu.be/XvmtEwkG_Cc?feature=shared)  
237 |   - *OffensiveCon22* by Federico Menarini and Martijn Bogaard
238 | - [**Breaking Samsung's Root of Trust: Exploiting Samsung S10 Secure Boot**](https://www.youtube.com/watch?v=BwFtOrkKlbo&list=WL&index=1) 
239 |   - *Black Hat USA 2020* by By Cheng-Yu Chao, Hung Chi Su and Che-Yang Wu
240 | 
241 | ## Input Validation & Path Traversal Attacks
242 | - [**Breaking into Android IPC Mechanisms Through Advanced AIDL Fuzzing**](https://www.youtube.com/watch?v=3PDs5foTKT4) 
243 |   - *Bsides Ahmedabad 2025* by Rajanish Pathak & Hardik Mehta
244 | - [**Dirty Stream Attack, Turning Android Share Targets Into Attack Vectors**](https://www.youtube.com/watch?v=oZTGR9vJVMQ) 
245 |   - *Black Hat Asia 2023* by Dimitrios Valsamaras
246 | - [**Path traversal attacks on Android**](https://www.youtube.com/watch?v=EhCRdP1zXZo)
247 |   - *Ekoparty 2023: Mobile Hacking Village* by Lukas Stefanko
248 | - [**Bugfinding & Exploit Techniques Android File Transfer Apps**](https://www.youtube.com/watch?v=9gkconldTAU)
249 |   - *DEF CON 27* by Xiangqian Zhang
250 | 
251 | ## Android Ecosystem & Supply Chain Security
252 | - [**Hack, Patch, Repeat: Insider Tales from Android’s Bug Bounty**](https://youtu.be/ckswFEtmlk0?feature=shared) 
253 |   - *BSidesSF 2025* by Maria Uretsky, Camillus Cai
254 | - [**Vulnerabilities in the eSIM download protocol**](https://www.youtube.com/watch?v=3PDs5foTKT4) 
255 |   - *Black Hat Europe 2024* by Abu Shohel Ahmed, Tuomas Aura
256 | - [**38C3 - Ultrawide archaeology on Android native libraries**](https://youtu.be/Qhqh2yUpD3s?feature=shared)
257 |   - *38th Chaos Communication Congress 2024* by Rokhaya Fall, Luca Di Bartolomeo (cyanpencil)
258 | - [**Keys to the City: The Dark Trade-Off Between Revenue and Privacy in Monetizing SDKs**](https://www.youtube.com/watch?v=FsjwmOJ2Zek)
259 |   - *hack.lu 2024* by Dimitrios Valsamaras and José Leitão
260 | - [**When Exploits Aren't Binary - Keynote**](https://youtu.be/rVAsXjqp9TI?feature=shared)
261 |   - *BSides Canberra 2023* by Maddie Stone
262 | - [**A Very Powerful Clipboard Analysis of a Samsung in-the-wild exploit chain**](https://www.youtube.com/watch?v=hIRKYwgcT54) 
263 |   - *Ekoparty 2022* by Maddie Stone
264 | - [**0-day In-the-Wild Exploitation in 2022...so far.**](https://www.youtube.com/watch?v=ueLuIKjRTnY) 
265 |   - *FIRST 2022* by Maddie Stone
266 | - [**HITB2021AMS KEYNOTE 2: The State Of Mobile Security**](https://www.youtube.com/watch?v=oGZL3ywcy1E)
267 |   - *Hack In The Box Security Conference Amsterdam 2020* by Zuk Avraham
268 |  
269 | 
270 | 
271 | 
272 | 


--------------------------------------------------------------------------------