Blogs by David Stewart

Posts on

• API Security (156)
• Mobile App Authentication (93)
• Mobile App Development (82)
• Mobile Security (75)
• Threats (67)
• Mobile App Security (63)
• API Abuse (62)
• Integration (54)
• API Keys (52)
• API (48)
• MitM Attack (46)
• Bots (39)
• Business (38)
• Certificate Pinning (32)
• Reverse Engineering (31)
• Quickstart (23)
• Healthcare (21)
• TLS (21)
• Android (20)
• Backend (20)
• Repackaged Apps (20)
• App Attestation (18)
• Fintech (18)
• iOS (17)
• Mobile API Security (16)
• Scrapers (14)
• Mobility (13)
• RASP (13)
• News (9)
• Android Security (8)
• Fake Accounts (8)
• Third Party APIs (8)
• Zero Trust (8)
• Gaming and Gambling (7)
• Man-in-the-Middle attack (7)
• Run-time Secrets Protection (7)
• API Gateway (6)
• Account Hijacking (6)
• ReactNative (6)
• Automotive (5)
• HarmonyOS (5)
• Mobile Health (5)
• OAuth2 (5)
• Reverse Proxy (5)
• Apple (4)
• Code Obfuscation (4)
• Google (4)
• OWASP (4)
• Retail (4)
• Aggregators (3)
• CheatingAsAService (3)
• Mobile App Distribution (3)
• SafetyNet (3)
• Token-Based API Access (3)
• Web Security (3)
• gRPC (3)
• App Store (2)
• Cloud (2)
• Cordova (2)
• Cross-Platform (2)
• Huawei (2)
• Mobile Banking (2)
• Mobile Finance (2)
• Mobile Payment Security (2)
• Pentesting (2)
• Runtime Application Self-Protection (2)
• SDLC (2)
• AWS (1)
• Account Takeover (1)
• App Shielding (1)
• BOLA (1)
• Connected Cars (1)
• Credential Stuffing (1)
• DMCC (1)
• Data Security (1)
• DeviceCheck (1)
• E-Commerce (1)
• Frida (1)
• Frontend (1)
• Google Play (1)
• SDK (1)
• Smartphone Act (1)
• WAAP (1)
• WAF (1)
• over-the-air updates (1)

See all

Popular Posts

• How to Bypass Certificate Pinning with Frida on an Android App
• Revealing the Limitations of Apple DeviceCheck and Apple App Attest
• How to Extract an API Key from a Mobile App by Static Binary Analysis
• How to MitM Attack the API of an Android App
• Why Does Your Mobile App Need an API Key?
• Securing HTTPS with Certificate Pinning on Android
• The Limitations of Google Play Integrity API (ex SafetyNet)
• 5 Threats to Mobile Games and 5 Essential Security Measures
• How Poor API Security Led to Major Breaches in 2024
• Limitations of Huawei HarmonyOS Safety Detect: What You Need to Know
• How to Protect Against Certificate Pinning Bypassing
• How to Use Code Obfuscation to Hide Secrets in Your Mobile App
• Epic Games Won Against Google but Lost to Apple - What are the Implications?
• How to Ride the Bus for Free (Hackers Need Not Apply)
• Steal That API Key with a Man in the Middle Attack