Pentesting Xamarin Android apps: DLLs and root check bypass

From security.humanativaspa.it

In this article, I’ll show how to detect and bypass some basic security checks in the application’s DLLs, such as the root check, to be able to start pentesting an Android mobile application written in Xamarin.

Backstory

I was not expecting Xamarin. I’m quite new to the mobile application pentesting world and it was a sunny bright day when I decided to pick an app from a bug bounty program thinking “this app looks like a good candidate to flex my new skills”. Turned out it was quite different from my previous experiences. Not so sunny anymore.
