From 2d9d2da5d9df620d0669e096fce3a259e47179d3 Mon Sep 17 00:00:00 2001
From: Shayan Rais <shanraisshan@gmail.com>
Date: Thu, 16 Feb 2017 11:21:00 +0500
Subject: [PATCH 1/2] added EXPLOITS / VULNERABILITIES / BUGS section

Details of all the android related security issue that includes latest reported issue, how to report an issue, bounty programs etc
---
 README.md | 21 ++++++++++++++++-----
 1 file changed, 16 insertions(+), 5 deletions(-)

diff --git a/README.md b/README.md
index d055092..26b902f 100644
--- a/README.md
+++ b/README.md
@@ -141,11 +141,6 @@ A lot of work is happening in academia and industry on tools to perform dynamic
 
 1. [FSquaDRA](https://github.com/zyrikby/FSquaDRA) - a tool for detection of repackaged Android applications based on app resources hash comparison.
 
-## EXPLOITABLE VULNERABILITIES
-
-1. [Vulnerability Google Doc](https://docs.google.com/spreadsheet/pub?key=0Am5hHW4ATym7dGhFU1A4X2lqbUJtRm1QSWNRc3E0UlE&single=true&gid=0&output=html)
-* [Root Exploits (from Drozer issue #56)](https://github.com/mwrlabs/drozer/issues/56)
-
 ## SAMPLE SOURCES
 
 1. [Contagio Mini Dump](http://contagiominidump.blogspot.com)
@@ -187,6 +182,22 @@ A lot of work is happening in academia and industry on tools to perform dynamic
 ## TUTORIALS
 1. [Android Reverse Engineering 101 by Daniele Altomare](http://www.fasteque.com/android-reverse-engineering-101-part-1/)
 
+#EXPLOITS / VULNERABILITIES / BUGS
+
+List
+----
+1. [Vulnerability Google Doc](https://docs.google.com/spreadsheet/pub?key=0Am5hHW4ATym7dGhFU1A4X2lqbUJtRm1QSWNRc3E0UlE&single=true&gid=0&output=html)
+* [Root Exploits (from Drozer issue #56)](https://github.com/mwrlabs/drozer/issues/56)
+* [Android reported security vulnerabilities](https://www.cvedetails.com/vulnerability-list/vendor_id-1224/product_id-19997/Google-Android.html)
+
+Bounty Programs
+----
+1. [Android's Security Reward Program](https://www.google.com/about/appsecurity/android-rewards/)
+
+How to report
+----
+1. [Android - reporting security issues](https://source.android.com/security/overview/updates-resources.html#report-issues)
+
 # Other Awesome Lists
 Other amazingly awesome lists can be found in the
 [awesome-awesomeness](https://github.com/bayandin/awesome-awesomeness) list.

From edf0b30fd9d8eeaeab0cb92b4c630bf54c8623aa Mon Sep 17 00:00:00 2001
From: Shayan Rais <shanraisshan@gmail.com>
Date: Thu, 16 Feb 2017 11:58:59 +0500
Subject: [PATCH 2/2] added Android Security Bulletins in list of bugs

Android Security Bulletins maintains the list of monthly official android security issues.
---
 README.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/README.md b/README.md
index 26b902f..05b1fda 100644
--- a/README.md
+++ b/README.md
@@ -188,6 +188,7 @@ List
 ----
 1. [Vulnerability Google Doc](https://docs.google.com/spreadsheet/pub?key=0Am5hHW4ATym7dGhFU1A4X2lqbUJtRm1QSWNRc3E0UlE&single=true&gid=0&output=html)
 * [Root Exploits (from Drozer issue #56)](https://github.com/mwrlabs/drozer/issues/56)
+* [Android Security Bulletins](https://source.android.com/security/bulletin/)
 * [Android reported security vulnerabilities](https://www.cvedetails.com/vulnerability-list/vendor_id-1224/product_id-19997/Google-Android.html)
 
 Bounty Programs