How to install OpenClaw on Android and control it via WhatsApp using automated script
Blog: https://www.mobile-hacker.com/2026/02/11/how-to-install-openclaw-on-an-android-phone-and-control-it-via-whatsapp/
Installer script: https://github.com/androidmalware/OpenClaw_Termux
Blog: https://www.mobile-hacker.com/2026/02/11/how-to-install-openclaw-on-an-android-phone-and-control-it-via-whatsapp/
Installer script: https://github.com/androidmalware/OpenClaw_Termux
GitHub
GitHub - androidmalware/OpenClaw_Termux: How to Install OpenClaw on an Android Phone and Control It via WhatsApp
How to Install OpenClaw on an Android Phone and Control It via WhatsApp - androidmalware/OpenClaw_Termux
π₯΄17π10π5π©3β€2π€£2π1
Intro to Android WebViews and deep linksβ¦and how to exploit them
https://djini.ai/intro-to-android-webviews-and-deep-links-and-how-to-exploit-them/
https://djini.ai/intro-to-android-webviews-and-deep-links-and-how-to-exploit-them/
Djini.ai
Intro to Android WebViews and deep links...and how to exploit them - Djini.ai
Android WebView is a system component that allows applications to render web content directly inside a native app, and it is one of the most widely used building blocks in the Android ecosystem. At the same time, deep links have become the primary way appsβ¦
π23β€8π2π1
phantom-frida:
Build anti-detection Frida server from source
https://github.com/TheQmaks/phantom-frida
Build anti-detection Frida server from source
https://github.com/TheQmaks/phantom-frida
GitHub
GitHub - TheQmaks/phantom-frida: Build anti-detection Frida server from source. ~90 patches covering 16 detection vectors, weeklyβ¦
Build anti-detection Frida server from source. ~90 patches covering 16 detection vectors, weekly auto-builds with random names. - TheQmaks/phantom-frida
π₯16π7β€2π1π1
justapk: Download any APK by package name. 6 sources, automatic fallback, Cloudflare bypass. CLI + Python API
https://github.com/TheQmaks/justapk
https://github.com/TheQmaks/justapk
GitHub
GitHub - TheQmaks/justapk: Download any APK by package name. 6 sources, automatic fallback, Cloudflare bypass. CLI + Python API.
Download any APK by package name. 6 sources, automatic fallback, Cloudflare bypass. CLI + Python API. - TheQmaks/justapk
β€16π6π3π1
JEZAIL: Android pentesting toolkit running fully on rooted devices
https://github.com/zahidaz/jezail
https://github.com/zahidaz/jezail
GitHub
GitHub - zahidaz/jezail: Powerful Android pentesting toolkit running fully on rooted devices.
Powerful Android pentesting toolkit running fully on rooted devices. - zahidaz/jezail
π12β€7π4
AWAKE: Android Wiki of Attacks, Knowledge & Exploits
https://zahidaz.github.io/awake/
https://zahidaz.github.io/awake/
zahidaz.github.io
AWAKE
Android Wiki of Attacks, Knowledge & Exploits
π13π4
Android Runs ELF Files: Everything Else Is Just Layers
https://blog.azzahid.com/posts/android-runs-elf-files-everything-else-is-just-layers/
https://blog.azzahid.com/posts/android-runs-elf-files-everything-else-is-just-layers/
Zahidβs Blog
Android Runs ELF Files: Everything Else Is Just Layers
If youβve ever wondered how apps written in Python, JavaScript, or C++ can run on Android when everyone says βAndroid is for Java and Kotlin,β youβre asking the right question. The answer isnβt complicated, but it does require understanding what Android actuallyβ¦
π10π2π2
What Is Android Application-Level Virtualization
https://blog.azzahid.com/posts/android-app-virtualization/
https://blog.azzahid.com/posts/android-app-virtualization/
Zahidβs Blog
What Is Android Application-Level Virtualization
Application-level virtualization in Android is an advanced technology that allows users to run multiple instances of the same app on a single device. Essentially, one app acts as a host, creating isolated virtual spaces where guest apps run as if they wereβ¦
π6π4
Deep analysis of a new Keenadu Android botnet (discovered connection between Triada, BADBOX, Vo1d, and Keenadu)
https://securelist.com/keenadu-android-backdoor/118913/
https://securelist.com/keenadu-android-backdoor/118913/
Securelist
Keenadu the tablet conqueror and the links between major Android botnets
Kaspersky experts have uncovered Keenadu, a sophisticated new backdoor targeting tablet firmware as well as system-level and Google Play apps. They also revealed connections between the world's most prolific Android botnets.
π9β‘2π₯±2β€1
The first known Android malware to abuse generative AI (Gemini) in its execution flow
https://www.welivesecurity.com/en/eset-research/promptspy-ushers-in-era-android-threats-using-genai/
https://www.welivesecurity.com/en/eset-research/promptspy-ushers-in-era-android-threats-using-genai/
Welivesecurity
PromptSpy ushers in the era of Android threats using GenAI
ESET researchers discover PromptSpy, the first known Android malware to abuse generative AI in its execution flow.
β€11π4π₯3π2
Massiv: When your IPTV app terminates your savings
https://www.threatfabric.com/blogs/massiv-when-your-iptv-app-terminates-your-savings
https://www.threatfabric.com/blogs/massiv-when-your-iptv-app-terminates-your-savings
ThreatFabric
Massiv: When your IPTV app terminates your savings
Massiv is a new Device Takeover (DTO) malware family without direct links to other known threats, masquerading as an IPTV app.
π€£8β‘2π2π€1
MythDetector: Android app designed to detect presence of Frida in Android apps
https://github.com/arvinjangid/MythDetector
https://github.com/arvinjangid/MythDetector
GitHub
GitHub - arvinjangid/MythDetector: MythDetector is a lightweight Android application designed to help developers and testers detectβ¦
MythDetector is a lightweight Android application designed to help developers and testers detect presence of Frida in Android apps. - arvinjangid/MythDetector
π©10π6π5π€‘4β‘2
Intent Redirection in a Samsung Dialer SVE-2025β1217
https://medium.com/@happyjester80/intent-redirection-in-a-samsung-dialer-duplicate-sve-2025-1217-0160b0d79a74
https://medium.com/@happyjester80/intent-redirection-in-a-samsung-dialer-duplicate-sve-2025-1217-0160b0d79a74
Medium
Intent Redirection in a Samsung Dialer (Duplicate) SVE-2025β1217
Ψ¨ΩΨ³ΩΩ
Ω Ψ§ΩΩΩΩΩΩΩ Ψ§ΩΨ±ΩΩΨΩΩ
ΩΩΩ°ΩΩ Ψ§ΩΨ±ΩΩΨΩΩΩ
Ω
π₯18π5π3β€1
Firstβever Mobile Hacking Conference, happening next week β fully online and completely free.
Iβve summarized everything you need to know in one place β speakers, talks, CTFs, giveaways, free courses, and more.
https://www.mobile-hacker.com/2026/02/23/the-first-mobile-hacking-conference-is-coming-this-march/
Iβve summarized everything you need to know in one place β speakers, talks, CTFs, giveaways, free courses, and more.
https://www.mobile-hacker.com/2026/02/23/the-first-mobile-hacking-conference-is-coming-this-march/
Mobile Hacker
The First Mobile Hacking Conference Is Coming This March Mobile Hacker
The world of mobile security is getting its very first dedicated online conference - and youβre invited! Get ready for summit dedicated entirely to mobile hacking, organized by Mobile Hacking Lab - a one of leading platform for offensive mobile security trainingβ¦
π20π9π3
SURXRAT: From ArsinkRAT roots to LLM Module Downloads Signaling Capability Expansion
https://cyble.com/blog/surxrat-downloads-large-llm-module-from-hugging-face/
https://cyble.com/blog/surxrat-downloads-large-llm-module-from-hugging-face/
Cyble
SURXRAT Downloads Large LLM Module From Hugging Face
Cyble uncovers SURXRATβs evolution across versions, built on ArsinkRAT code, and now downloading large LLM modules signaling an expansion of its operational capabilities.
β€6β‘3π3
A Step-by-Step Guide to Uncovering Vulnerabilities in a Mobile App
https://ahmadaabdulla.medium.com/a-step-by-step-guide-to-uncovering-vulnerabilities-in-a-mobile-app-5a6b05e6b23b
https://ahmadaabdulla.medium.com/a-step-by-step-guide-to-uncovering-vulnerabilities-in-a-mobile-app-5a6b05e6b23b
Medium
A Step-by-Step Guide to Uncovering Vulnerabilities in a Mobile App
β€15π5π3
Android mental health apps are filled with security flaws
https://www.bleepingcomputer.com/news/security/android-mental-health-apps-with-147m-installs-filled-with-security-flaws/
https://www.bleepingcomputer.com/news/security/android-mental-health-apps-with-147m-installs-filled-with-security-flaws/
BleepingComputer
Android mental health apps with 14.7M installs filled with security flaws
Several mental health mobile apps with millions of downloads on Google Play contain security vulnerabilities that could expose users' sensitive medical information.
β€15π5π4
How Predator spyware defeats iOS recording indicators
https://www.jamf.com/blog/predator-spyware-ios-recording-indicator-bypass-analysis/
https://www.jamf.com/blog/predator-spyware-ios-recording-indicator-bypass-analysis/
Jamf
How Predator Spyware Defeats iOS Recording Indicators
An analysis documenting how a commercial spyware sample, Predator, operates post-compromise.
π13π€£3π3β€2π₯°1
How to run virtual iOS 26 iPhone on Apple Silicon Macs, built from Appleβs Private Cloud Compute firmware
https://github.com/wh1te4ever/super-tart-vphone-writeup
https://github.com/wh1te4ever/super-tart-vphone-writeup
GitHub
GitHub - wh1te4ever/super-tart-vphone-writeup
Contribute to wh1te4ever/super-tart-vphone-writeup development by creating an account on GitHub.
β€10π4π2
artifacts: CLI toolkit for static triage of suspicious APKs
https://github.com/drego85/artifacts
https://github.com/drego85/artifacts
GitHub
GitHub - drego85/artifacts: artifacts is a CLI toolkit for static triage of suspicious APKs.
artifacts is a CLI toolkit for static triage of suspicious APKs. - drego85/artifacts
β€7π3
Gadgetinjector: Frida Gadget injector for iOS 17 / iOS 18 IPAs, designed to work with Objection in listen mode
https://github.com/Saurabh221662/GadgetInjector
https://github.com/Saurabh221662/GadgetInjector
GitHub
GitHub - Saurabh221662/GadgetInjector
Contribute to Saurabh221662/GadgetInjector development by creating an account on GitHub.
π11β€2