https://hackerone.com/reports/351555
https://blog.oversecured.com/Android-security-checklist-webview/
https://hackerone.com/reports/855618
https://hackerone.com/reports/401793
https://hackerone.com/reports/281605 - TinyCards made this report private.
Persistent arbitrary code execution in Android's Google Play Core Library: details, explanation and the PoC
https://hackerone.com/reports/971386
https://blog.oversecured.com/Oversecured-automatically-discovers-persistent-code-execution-in-the-Google-Play-Core-Library/ - Persistent arbitrary code execution in Android's Google Play Core Library: details, explanation and the PoC - CVE-2020-8913
https://blog.oversecured.com/Oversecured-detects-dangerous-vulnerabilities-in-the-TikTok-Android-app/ - Oversecured detects dangerous vulnerabilities in the TikTok Android app
https://blog.oversecured.com/Exploiting-memory-corruption-vulnerabilities-on-Android/ - Exploiting memory corruption vulnerabilities on Android + an example of such vulnerability in PayPal apps
https://hackerone.com/reports/291764
https://hackerone.com/reports/328486
How to exploit insecure WebResourceResponse configurations + an example of the vulnerability in Amazon apps
https://blog.oversecured.com/Android-Exploring-vulnerabilities-in-WebResourceResponse/ - Android: Exploring vulnerabilities in WebResourceResponse
https://hackerone.com/reports/499348
https://hackerone.com/reports/288955
https://hackerone.com/reports/258460
https://hackerone.com/reports/161710
https://hackerone.com/reports/44727
https://hackerone.com/reports/57918
https://hackerone.com/reports/431002
https://hackerone.com/reports/202425
https://hackerone.com/reports/205000
https://hackerone.com/reports/331489
https://hackerone.com/reports/490946
https://hackerone.com/reports/637194
https://hackerone.com/reports/176065
https://hackerone.com/reports/283058
https://hackerone.com/reports/283063
https://hackerone.com/reports/189793
https://hackerone.com/reports/87835
https://blog.oversecured.com/Common-mistakes-when-using-permissions-in-Android/
https://blog.oversecured.com/Two-weeks-of-securing-Samsung-devices-Part-2/
https://blog.oversecured.com/Two-weeks-of-securing-Samsung-devices-Part-1/
https://hackerone.com/reports/97295
https://hackerone.com/reports/272044
https://hackerone.com/reports/200427
https://hackerone.com/reports/43988
https://hackerone.com/reports/54631
https://hackerone.com/reports/583987
https://hackerone.com/reports/187714
https://hackerone.com/reports/167481
https://hackerone.com/reports/289000
https://hackerone.com/reports/56002
A vulnerable app showing modern security bugs in Android apps
Vulnerable Banking Application for Android
Intentionally Vulnerable Android Application
Vulnerable Android Application made with security issues
Damn Insecure and vulnerable App for Android
Detect secret leaks in Android apps online
Attacking vulnerable Broadcast Recievers
Android Webview Vulnerabilities
Android reverse engineering recon
Webview addjavascriptinterface RCE
Install PLayStore On Android Emulator
Android: Access to app protected components
Android: arbitrary code execution via third-party package contexts
Interception of Android implicit intents
Evernote: Universal-XSS, theft of all cookies from all sites, and more