I would recommend this one as it's very simple and I used it many times before https://play.google.com/store/apps/details?id=com.skjolberg.nfc.clone2&hl=en
EDIT: srry if you don't have a blank card to write, you need some emulator app instead :(
Ah, so it's not a distributed client - It's a server application.
The basic idea is to never have secrets accessible on the filesystem or in repositories, because these things can leak very easily. A typical solution is to pass secrets only via environment variables to the application and never have those included in files. Always trying to keep secrets only in memory.
Another typical option is to use some kind of encrypted keystore, which could also be included in the repository, but never store the key along with it. And then pass the key to the application, for example via environment variables, so it can decrypt it and use the keys.
There are also a few more fancy solutions like https://kubernetes.io/docs/concepts/configuration/secret/
Your environment changes between gdb and non-gdb runs. This in turn shifts the stack memory around.
This post has some useful info: https://stackoverflow.com/questions/17775186/buffer-overflow-works-in-gdb-but-not-without-it
The book "Hacking: The Art of Exploitation" has a chapter on this subject.
It would be incredibly difficult, but there are things you can do. First off, install Linux Deploy (root your device if needed). Your goal should be to try to make your android as similar to a PC as possible.
https://play.google.com/store/apps/details?id=ru.meefik.linuxdeploy
People below recommended Termux, which is a great terminal, but it won't be a full blown Linux Distro. Get a keyboard for better usage of your limited screen and faster typing speed, and you're golden!
Hi, create a virtual machine and when asked for a virtual disk, put it as your ISO.
https://www.virtualbox.org/wiki/Downloads (the host OS is the OS that you're on right now).
Most likely you mean Burp. Specifically the "replay" tab. You can use Burp as an HTTP proxy and if you want to play with a particular request you can do "rightclick->Send to repeater" and then play with it.
Got another interesting PDF today. At the rate we are receiving these I can provide a weekly "interesting file"
This is the analysis. https://www.hybrid-analysis.com/sample/43b1cf971c1be8e0bc6a7cf950a76522c7dba03b370ce7fe716e71b279b7a0ae?environmentId=100
hi, i haven't read "hacking:the are of exploitation" but you might want to compare it with Gray Hat Hacking: 5th edition.
is this the app to control your stove? https://play.google.com/store/apps/details?id=com.austroflamm if so I'll try to reverse engineer the apk to possibly find some way to get a firmware file then analyze the firmware itself in ghidra
A bit of extra links:
The flare-on ctf archive for exercises
if i'll be able to think of something else I will be sure to add it :)