One Size Does Not Fit All: Uncovering and Exploiting Cross Platform Discrepant {APIs} in {WeChat}
The past few years have witnessed a boom of mobile super apps, which are the apps
offering multiple services such as e-commerce, e-learning, and e-government via miniapps …
offering multiple services such as e-commerce, e-learning, and e-government via miniapps …
Taintmini: Detecting flow of sensitive data in mini-programs with static taint analysis
Mini-programs, which are programs running inside mobile super apps such as WeChat,
often have access to privacy-sensitive information, such as location data and phone …
often have access to privacy-sensitive information, such as location data and phone …
Uncovering and exploiting hidden apis in mobile super apps
Mobile applications, particularly those from social media platforms such as WeChat and
TikTok, are evolving into" super apps" that offer a wide range of services such as instant …
TikTok, are evolving into" super apps" that offer a wide range of services such as instant …
Don't leak your keys: Understanding, measuring, and exploiting the appsecret leaks in mini-programs
Mobile mini-programs in WeChat have gained significant popularity since their debut in
2017, reaching a scale similar to that of Android apps in the Play Store. Like Google …
2017, reaching a scale similar to that of Android apps in the Play Store. Like Google …
MiniTracker: Large-Scale Sensitive Information Tracking in Mini Apps
W Li, B Yang, H Ye, L **ang, Q Tao… - … on Dependable and …, 2023 - ieeexplore.ieee.org
Running on host mobile applications, mini apps have gained increasing popularity these
days for its convenience in installation and usage. However, being easy to use allows mini …
days for its convenience in installation and usage. However, being easy to use allows mini …
Measuring the leakage and exploitability of authentication secrets in super-apps: The wechat case
Super-apps such as WeChat and Baidu host millions of mini-apps, which are very popular
among users and developers because of the mini-apps' convenience, lightweight, ease of …
among users and developers because of the mini-apps' convenience, lightweight, ease of …
RIoTFuzzer: Companion App Assisted Remote Fuzzing for Detecting Vulnerabilities in IoT Devices
Due to the diversity of architectures and peripherals of Internet of Things (IoT) systems,
blackbox fuzzing stands out as a prime option for discovering vulnerabilities of IoT devices …
blackbox fuzzing stands out as a prime option for discovering vulnerabilities of IoT devices …
MiniCAT: Understanding and Detecting Cross-Page Request Forgery Vulnerabilities in Mini-Programs
Mini-programs are lightweight apps running in super apps (such as WeChat, Baidu, Alipay,
and TikTok), an emerging paradigm in the era of mobile computing. With the growing …
and TikTok), an emerging paradigm in the era of mobile computing. With the growing …
Sok: Decoding the super app enigma: The security mechanisms, threats, and trade-offs in os-alike apps
The super app paradigm, exemplified by platforms such as WeChat and AliPay, has
revolutionized the mobile app landscape by enabling third-party developers to deploy add …
revolutionized the mobile app landscape by enabling third-party developers to deploy add …
WeMinT: Tainting Sensitive Data Leaks in WeChat Mini-Programs
Mini-programs (MiniApps), lightweight versions of full-featured mobile apps that run inside a
host app such as WeChat, have become increasingly popular due to their simplified and …
host app such as WeChat, have become increasingly popular due to their simplified and …