Enumerating Android installed applications without special permissions
Sometimes I took some random Android app I’ve recently installed on my phone and start performing some tests on it. It’s not uncommon to see unauthenticated API requests, plaintext HTTP communication and some obfuscation logic or hardcoded credentials rammed down at client code. As I use to say in my…