GitBook: [master] one page modified

mobile-apps-pentesting/android-app-pentesting/README.md

@@ -69,7 +69,7 @@ Activities can be exported allowing other processes on the device to launch the
 <service android:name=".ExampleExportedService" android:exported="true"/>
 ```
 
-#### URL schemes
+#### URL schemes / Deep links
 
 An application can declare an **URL schema** inside and activity so every time the Android device try to **access an address using that schema** the applications activity will be called: 
 
@@ -95,6 +95,8 @@ In this case you could try to abuse the functionality creating a web with the fo
 <a href="example://gizmos/javascript://%250dalert(1)">click here</a>
 ```
 
+Learn how to [call deep links without using HTML pages below](./#exploiting-schemes-deep-links).
+
 #### Content Provider <a id="services"></a>
 
 * Content Provider component supplies data from one application to others on request.
@@ -421,7 +423,7 @@ As service is basically something that **can receive data**, **process** it and
 A broadcast receiver will be waiting for a type of message. Depending on ho the receiver handles the message it could be vulnerable.  
 [**Learn how to exploit Broadcast Receivers with Drozer.**](./#exploiting-broadcast-receivers)
 
-### **Exploiting Schemes**
+### **Exploiting Schemes / Deep links**
 
 You can **open** a declared **scheme** using **adb** or a **browser**:
 
@@ -725,7 +727,8 @@ AndroL4b is an Android security virtual machine based on ubuntu-mate includes th
 
 ### Git Repos
 
-[https://github.com/riddhi-shree/nullCommunity/tree/master/Android](https://github.com/riddhi-shree/nullCommunity/tree/master/Android)
+[https://github.com/riddhi-shree/nullCommunity/tree/master/Android](https://github.com/riddhi-shree/nullCommunity/tree/master/Android)  
+[https://www.youtube.com/watch?v=PMKnPaGWxtg&feature=youtu.be&ab\_channel=B3nacSec](https://www.youtube.com/watch?v=PMKnPaGWxtg&feature=youtu.be&ab_channel=B3nacSec)
 
 ## References