Articles


Cloud
Taking Cloud Run for a Test drive
Wed 16 October 2019

We took Cloud Run for a Test Drive, these are we what learnt.

Pentest
Ostorlab Insecure Application
Mon 14 October 2019

This article describes the usage of Ostorlab Insecure Application.

Pentest
Application Security Testing on non-Jailbroken iOS from Linux
Tue 08 October 2019

How to perform security checks of an iOS application file on a non-jailbroken iPhone from a Linux Machine.

Ostorlab
Community scanner goes full capabilities
Sun 03 March 2019

In a mission to build the best security scanning technologies, Ostorlab team is proud to announce that the community scanner is no longer limited and will benefit immediatly from our full static detection capabilities, while we work to scale our dynamic analysis and make readily available.

Pentest
Security, what opportunities and challenges for 2019?
Mon 07 January 2019

Use the start of the year to contemplate how the previous year went, and prepare for the upcoming is an important exercise to put things into perspective and reevaluate some of our choices.

Web
DOM XSS Fuzzing strategies - Part 1
Sat 22 December 2018
By ASM

XSS are still by far the most common tyope of vulnerabilities, this article presents strategies to automate the search for XSSes.

Mobile
Hardcoded AWS keys in Mobile Applications
Thu 20 December 2018

This article is about how to manage AWS access keys when using AWS services in your mobile application.

Ostorlab
New Features and Roadmap
Thu 20 September 2018

The last few months, Ostorlab team has been hard at work adding exciting new features. Some of these have already hit production, or will do so in the upcoming weeks and months.

ML
Reinforcement Learning & Automated Testing - part 1
Mon 22 January 2018

I will be sharing through a series of blog posts our past experimentations with the use of reinforcement learning for automated testing, to both chase bugs and find vulnerabilities.