#100vibeprojects โ Public Fediverse posts
Live and recent posts from across the Fediverse tagged #100vibeprojects, aggregated by home.social.
-
Day 10 of #100VibeProjects ๐
Built a local web tool that does static security analysis of Android APKs โ upload an APK and get a report covering permissions, hardcoded secrets, SDK fingerprinting, cert pinning, and crypto posture.
The interesting part: the methodology came from reverse-engineering the WhiteHouse app teardown that went viral last week. Applied the same five-gate analysis framework to a real banking app.
Found an expired certificate pin (silently disables TLS pinning for all users), a session replay SDK with no confirmed masking rules, and four Adobe tracking SDKs doing cross-device user stitching.
The tool runs entirely locally. No data leaves your machine. APK deleted after analysis.
Stack: Python ยท Flask ยท androguard ยท 380 lines
๐ Blog: mrdee.in
https://mrdee.in/writing/vibecoding-day010-offline-apk-security-analyzer/๐ป GitHub Repo: https://github.com/mr-dinesh/Offline-APK-Analyzer
#VibeCoding #AppSec #AndroidSecurity #MobileSecurity #Python #Flask #DFIR #InfoSec #ReverseEngineering #CyberSecurity