This report documents the findings of a penetration test against the Tornaj Android mobile application, carried out in February 2017 by Cure53. The tests, which involved three members of the Cure53 team, yielded seven security-relevant discoveries.
The full audit and summary of findings can be found below.
