exploiting-insecure-data-storage-in-mobile

Featured

Identifies and exploits insecure local data storage vulnerabilities in Android and iOS mobile applications including unencrypted databases, world-readable files, insecure SharedPreferences, plaintext credential storage, and improper keychain/keystore usage. Use when performing mobile penetration testing focused on OWASP M9 (Insecure Data Storage) or assessing compliance with MASVS-STORAGE requirements. Activates for requests involving mobile data storage security, local storage exploitation, SharedPreferences analysis, or mobile data leakage assessment.

AI & Automation 12,642 stars 1468 forks Updated today Apache-2.0

Quality Score: 99/100

Stars (20%): 100
Recency (20%): 100
Frontmatter (20%): 70
Documentation (15%): 100
Issue Health (10%): 50
License (10%): 100
Description (5%): 100

Skill Content

# Exploiting Insecure Data Storage in Mobile

## When to Use

Use this skill when:

- Assessing whether mobile applications store sensitive data securely on the device filesystem
- Testing for credential leakage through SharedPreferences, SQLite databases, or plists
- Evaluating keychain/keystore implementation for proper access control attributes
- Performing data-at-rest security assessment during mobile penetration tests

**Do not use** this skill on production user devices without authorization -- data extraction techniques require physical access or root/jailbreak privileges.

## Prerequisites

- Rooted Android device or emulator with ADB access
- Jailbroken iOS device with SSH access or Objection-patched IPA
- ADB (Android Debug Bridge) for Android filesystem access
- SQLite3 CLI for database inspection
- Frida/Objection for runtime data extraction
- Target application installed and exercised (logged in, data cached)

> **Legal Notice:** This skill is for authorized security testing and educational purposes only. Unauthorized use against systems you do not own or have written permission to test is illegal and may violate computer fraud laws.

## Workflow

### Step 1: Map Application Data Storage Locations

**Android storage paths:**

```bash
# Internal storage (app-private, requires root)
/data/data/<package_name>/
├── shared_prefs/          # SharedPreferences XML files
├── databases/             # SQLite databases
├── files/                 # General files
├── cache/                 #...
```

Details

Author: mukul975
Repository: mukul975/Anthropic-Cybersecurity-Skills
Created: 3 months ago
Last Updated: today
Language: Python
License: Apache-2.0

Similar Skills

Semantically similar based on skill content — not just same category

AI & Automation Featured

conducting-mobile-app-penetration-test

Conducts penetration testing of iOS and Android mobile applications following the OWASP Mobile Application Security Testing Guide (MASTG) to identify vulnerabilities in data storage, network communication, authentication, cryptography, and platform-specific security controls. The tester performs static analysis of application binaries, dynamic analysis at runtime, and API security testing to evaluate the complete mobile attack surface. Activates for requests involving mobile app pentest, iOS security assessment, Android security testing, or OWASP MASTG assessment.

12,642 Updated today
mukul975
Testing & QA Solid

mobile-security-testing-skill

Android and iOS application security testing

1,034 Updated today
a5c-ai
AI & Automation Solid

mobile-security

Mobile application security skill for implementing OWASP MASVS compliance, secure storage, certificate pinning, biometric authentication, and security hardening across iOS and Android platforms.

1,034 Updated today
a5c-ai
AI & Automation Featured

detecting-mobile-malware-behavior

Detects and analyzes malicious behavior in mobile applications through behavioral analysis, permission abuse detection, network traffic monitoring, and dynamic instrumentation. Use when analyzing suspicious mobile applications for data exfiltration, command-and-control communication, credential stealing, SMS interception, or other malware indicators. Activates for requests involving mobile malware analysis, app behavior monitoring, trojan detection, or suspicious app investigation.

12,642 Updated today
mukul975
AI & Automation Featured

exploiting-deeplink-vulnerabilities

Tests and exploits deep link (URL scheme and App Link) vulnerabilities in Android and iOS mobile applications to identify unauthorized access, data injection, intent hijacking, and redirect manipulation. Use when assessing mobile app attack surface through custom URI schemes, Android App Links, iOS Universal Links, or intent-based navigation. Activates for requests involving deep link security testing, URL scheme exploitation, mobile intent abuse, or link hijacking.

12,642 Updated today
mukul975