Android-Reports-and-Resources
HackerOne Reports
Hardcoded credentials
Disclosure of all uploads via hardcoded api secret
https://hackerone.com/reports/351555
RCE
RCE in TinyCards for Android
https://hackerone.com/reports/281605
Session theft
Steal user session
https://hackerone.com/reports/328486
Steal files
Token leakage due to stolen files via unprotected Activity
https://hackerone.com/reports/288955
Steal files due to exported services
https://hackerone.com/reports/258460
Steal files due to unprotected exported Activity
https://hackerone.com/reports/161710
Steal files due to insecure data storage
https://hackerone.com/reports/44727
Insecure local data storage, makes it easy to steal files
https://hackerone.com/reports/57918
Bypasses
Two-factor authentication bypass due to vulnerable endpoint
https://hackerone.com/reports/202425
Another endpoint Auth bypass
https://hackerone.com/reports/205000
XSS
HTML Injection in BatterySaveArticleRenderer WebView
https://hackerone.com/reports/176065
XSS via SAMLAuthActivity
https://hackerone.com/reports/283058
XSS in ImageViewerActivity
https://hackerone.com/reports/283063
XSS via start ContentActivity
https://hackerone.com/reports/189793
XSS on Owncloud webview
https://hackerone.com/reports/87835
Privilege Escalation
Intent Spoofing
https://hackerone.com/reports/97295
Access of some not exported content providers
https://hackerone.com/reports/272044
Access protected components via intent
https://hackerone.com/reports/200427
Fragment injection
https://hackerone.com/reports/43988
JavaScript injection
https://hackerone.com/reports/54631
Intercept Broadcasts
Possible to intercept broadcasts about file uploads
https://hackerone.com/reports/167481
Vulnerable exported broadcast receiver
https://hackerone.com/reports/289000
Practice Apps
Android-InsecureBankv2
Damn Insecure and Vulnerable app
Damn Insecure and vulnerable App for Android
OWASP-GoatDroid-Project
Sieve mwrlabs
Resources
Detect secret leaks in Android apps online
Attacking vulnerable Broadcast Receivers
Android Webview Vulnerabilities
Android reverse engineering recon
WebView addJavascriptInterface RCE