To protect against Man-in-the-Middle (MitM) attacks in mobile, you need robust end-to-end security...
Approov Blogs on Man-in-the-Middle attack
Man-in-the-middle (MitM) attacks occur when an attacker intercepts or manipulates mobile device...
This is the final article in a guest blog series from Intellyx. Find the full series here. A “man...
This overview outlines the history and use of Google Play Integrity API and highlights some...
The last year has not been great for crypto. Most crypto currencies, including Bitcoin, experienced...
23 June, 2023
How to Use a MitM Attack to Bypass Code Obfuscation to Extract Secrets From the ChatGPT Mobile App
In a previous article, we saw how to use code obfuscation to make it more difficult for an attacker...
Posts on
- API Security (159)
- Mobile App Authentication (93)
- Mobile App Development (82)
- Mobile Security (74)
- Threats (67)
- Mobile App Security (64)
- API Abuse (62)
- Integration (54)
- API Keys (52)
- API (47)
- MitM Attack (46)
- Bots (39)
- Business (38)
- Certificate Pinning (32)
- Reverse Engineering (31)
- Quickstart (23)
- App Attestation (21)
- Healthcare (21)
- TLS (21)
- Android (20)
- Backend (20)
- Repackaged Apps (20)
- Fintech (18)
- Mobile API Security (17)
- iOS (17)
- Scrapers (14)
- Mobility (13)
- RASP (13)
- Zero Trust (11)
- News (9)
- Android Security (8)
- Fake Accounts (8)
- Run-time Secrets Protection (8)
- Third Party APIs (8)
- Gaming and Gambling (7)
- Man-in-the-Middle attack (7)
- API Gateway (6)
- Account Hijacking (6)
- ReactNative (6)
- Automotive (5)
- HarmonyOS (5)
- Mobile Health (5)
- OAuth2 (5)
- Reverse Proxy (5)
- Apple (4)
- Code Obfuscation (4)
- Google (4)
- OWASP (4)
- Retail (4)
- Aggregators (3)
- CheatingAsAService (3)
- Mobile App Distribution (3)
- SafetyNet (3)
- Token-Based API Access (3)
- Web Security (3)
- gRPC (3)
- App Store (2)
- Cloud (2)
- Cordova (2)
- Cross-Platform (2)
- Data Security (2)
- Huawei (2)
- Mobile Banking (2)
- Mobile Finance (2)
- Mobile Payment Security (2)
- Pentesting (2)
- Runtime Application Self-Protection (2)
- SDLC (2)
- AWS (1)
- Account Takeover (1)
- App Shielding (1)
- Aviation (1)
- BOLA (1)
- CNIL (1)
- Connected Cars (1)
- Credential Stuffing (1)
- DMCC (1)
- DeviceCheck (1)
- E-Commerce (1)
- Frida (1)
- Frontend (1)
- Google Play (1)
- SDK (1)
- Smartphone Act (1)
- WAAP (1)
- WAF (1)
- over-the-air updates (1)
Popular Posts
- How to Bypass Certificate Pinning with Frida on an Android App
- Revealing the Limitations of Apple DeviceCheck and Apple App Attest
- How to Extract an API Key from a Mobile App by Static Binary Analysis
- MitM Attacks on Android Apps: A Step-by-Step Guide Using Emulators
- Why Does Your Mobile App Need an API Key?
- Limitations of Google Play Integrity API vs. Approov Mobile Security
- Securing HTTPS with Certificate Pinning on Android
- How Poor API Security Led to Major Breaches in 2024
- 5 Threats to Mobile Games and 5 Essential Security Measures
- Limitations of Huawei HarmonyOS Safety Detect: What You Need to Know
- Protect Mobile API: Prevent Certificate Pinning Bypass with Approov
- Epic Games Won Against Google but Lost to Apple - What are the Implications?
- Bypassing Certificate Pinning
- Three Actions You Should Take Right Now to Stop Mobile MitM Attacks
- How to Ride the Bus for Free (Hackers Need Not Apply)