Blogs on OWASP

Posts on

• API Security (154)
• Mobile App Authentication (92)
• Mobile App Development (82)
• Mobile Security (75)
• Threats (67)
• API Abuse (62)
• Mobile App Security (59)
• Integration (54)
• API Keys (50)
• API (48)
• MitM Attack (45)
• Bots (39)
• Business (38)
• Certificate Pinning (32)
• Reverse Engineering (31)
• Quickstart (23)
• Healthcare (21)
• TLS (21)
• Android (20)
• Backend (20)
• Repackaged Apps (20)
• Fintech (18)
• iOS (17)
• Mobile API Security (16)
• App Attestation (15)
• Scrapers (14)
• Mobility (13)
• RASP (12)
• News (9)
• Android Security (8)
• Fake Accounts (8)
• Third Party APIs (8)
• Zero Trust (8)
• Gaming and Gambling (7)
• API Gateway (6)
• Account Hijacking (6)
• Man-in-the-Middle attack (6)
• ReactNative (6)
• Automotive (5)
• HarmonyOS (5)
• Mobile Health (5)
• OAuth2 (5)
• Reverse Proxy (5)
• Apple (4)
• Google (4)
• OWASP (4)
• Retail (4)
• Run-time Secrets Protection (4)
• Aggregators (3)
• CheatingAsAService (3)
• Code Obfuscation (3)
• Mobile App Distribution (3)
• SafetyNet (3)
• Token-Based API Access (3)
• Web Security (3)
• gRPC (3)
• App Store (2)
• Cloud (2)
• Cordova (2)
• Cross-Platform (2)
• Huawei (2)
• Mobile Banking (2)
• Mobile Finance (2)
• Mobile Payment Security (2)
• Pentesting (2)
• SDLC (2)
• AWS (1)
• Account Takeover (1)
• App Shielding (1)
• BOLA (1)
• Connected Cars (1)
• Credential Stuffing (1)
• DMCC (1)
• Data Security (1)
• DeviceCheck (1)
• E-Commerce (1)
• Frida (1)
• Frontend (1)
• Google Play (1)
• Runtime Application Self-Protection (1)
• SDK (1)
• Smartphone Act (1)
• WAAP (1)
• WAF (1)
• over-the-air updates (1)

See all

Popular Posts

• How to Bypass Certificate Pinning with Frida on an Android App
• How to Extract an API Key from a Mobile App by Static Binary Analysis
• Revealing the Limitations of Apple DeviceCheck and Apple App Attest
• How to MitM Attack the API of an Android App
• Why Does Your Mobile App Need an API Key?