// security researcher · payload development · mobile exploitation
Carlo Jae Avila_
pwning droids — for fun and profit (no profit yet)
Security researcher based in Manila, focused on mobile application security — Android/iOS apps, internals. Drawn toward red teaming, OSINT, and offensive AI security R&D.
9:41
surface.scan
ATTACK SURFACE target: com.banking.app ───────────────────── [!] ssl pinning bypassable [!] root detect weak [!] backup flag enabled [!] exported actv 3 found [!] webview js true [!] deep links unvalidated [+] pwning for fun and profit... _
// currently
// certifications & training
certified
CAAH
Certified Advanced Android Hacker
Covers advanced Android exploitation techniques and vulnerability research, preparing for competitive security challenges like Pwn2Own.
OMSE
Offensive Mobile Security Expert
Validates expertise in iOS and Android security across userland and kernel components, including vulnerability research and advanced mobile exploitation.
eMAPT
eLearnSecurity Mobile Application Penetration Tester
Validates Android mobile application penetration testing skills through a fully practical exam.
eWPTXv2
eLearnSecurity Web Application Penetration Tester eXtreme
Validates advanced web application penetration testing skills including complex exploitation and bypass techniques.
recent training
- HTB Academy · Penetration Tester Path
- HTB Academy · Bug Bounty Hunter Path
- Tryhackme · AI Security Path
- TCM Security · Practical Ethical Hacking
// cves
CVE-2023-4434
MEDIUM
↗
hamza417 · Inure App Manager
Improper validation of intent data received in TextViewerActivity allows opening of arbitrary files.
CVE-2023-4435
MEDIUM
↗
hamza417 · Inure App Manager
Theft of Arbitrary Files due to execution of attacker scripts from BashAssociation.kt.
CVE-2023-4876
HIGH
↗
hamza417 · Inure App Manager
Theft of Arbitrary Files due to lack of intent validation and insecure usage of provider paths in TTFViewerActivity.kt.
CVE-2023-5948
MEDIUM
↗
Team Amaze · Amaze File Utilities
Theft of Arbitrary Files from non-exported FileProvider via improper implementation of setResult in WelcomeScreen.kt.
CVE-2024-33469
HIGH
↗
Team Amaze · Amaze File Manager
Local attackers can execute arbitrary code via DatabaseViewerActivity in Amaze File Manager up to version 3.8.5.
CVE-2024-44336
MEDIUM
↗
AnkiDroid Open Source Team · AnkiDroid
Attackers can retrieve internal app files from private storage and save them to publicly accessible storage in AnkiDroid v2.17.6.
// projects
pwn_exhibit
Archive of CTF writeups and exploit dev notes — binary exploitation, Android reverse engineering, and malware analysis.
???
Something new is in the works — more details soon.
// find me