Alaeddine Mesbahi
New OWASP Mobile Top 10
Release of the new OWASP Mobile Top 10 with improvements, updates and a behind-the-scenes look.
Mon 27 November 2023
Where are all these 3rd party SDKs sending my users' data? 😨
Ostorlab’s new features are laser-focused on helping teams understand, track and search their attack surface, what attackers are seeing and targeting, and basically what can get an organization hacked.
Thu 02 February 2023
2022 at Ostorlab
2022 is a year that brings with it many global challenges, including war, economic uncertainty, and rising inflation in many parts of the world. Despite these challenges, we at Ostorlab are grateful to have had an incredibly successful year.
Tue 03 January 2023
Text4Shell (CVE-2022-42889) in Mobile Applications ... should I worry?
CVE-2022-42889 is a vulnerability in the Apache Commons Text Library caused by string interpolation abusing powerful handlers and present in popular applications like Amazon Shopping, Udemy and Grammarly. This article goes over the applicability and risk of this vulnerability for Mobile Applications.
Mon 24 October 2022
Improved Attack Surface Discovery, Mobile and Web Security Scanning
Largest release with improvements to Attack Surface, Open-Source, Mobile and Web scanning and much much more.
Ostorlab vs. NowSecure vs. MobSF vs. Immuniweb vs. AppKnox vs. Quixxi vs. Oversecured
This article provides a comprehensive view of the mobile security scanning solutions, while at the same time highlighting what truly differentiates them.
Latest posts
Ostorlab is Open-Source 🎊
This is a major release open-sourcing Ostorlab and announcing tons of new features and capabilities.
Mon 21 February 2022
New Features, improved ticket management, integrations including Jira support
Vulnerability management is a hard journey. To help enable fixing of vulnerabilities urgently, diligently and efficiently, we are excited to release our new remediation capabilities with a wealth of new features.
Thu 04 November 2021
Release of new remediation capabilities to enable fast, diligent and efficient fixes
Vulnerability management is a hard journey. To help enable fixing of vulnerabilities urgently, diligently and efficiently, we are excited to release our new remediation capabilities with a wealth of new features.
Wed 06 October 2021
Universal bypass of SSL Pinning ... from theory to a full working PoC with LLDB
This article is about bypassing SSL pinning without needing to. Sounds confusing? We will go over the theory, build a full PoC using LLDB in Python and finally extend it to other cool tasks.
Tue 18 May 2021
Finding superhuman XSS polyglot payloads with Genetic Algorithms
The following article is a technical deep dive into how genetic algorithms can be leveraged to create superhuman XSS polyglot payloads.
Mon 01 March 2021
Ostorlab adds Web Security Scanning to its arsenal
Ostorlab is adding Web Security Scanner to its arsenal with novel approaches to vulnerability discovery.
Mon 15 February 2021
Two efficient features to continuously monitor mobile applications
Whether we are developing a mobile application or assessing its security, we need to continuously review it with every new release. Repetitively building the app, uploading the file, and creating a scan quickly becomes an annoyance. Ostorlab is excited to announce the introduction of two new features to ease the burden of testing your app.
Sat 24 October 2020
Create scans directly from the Android and iOS Store
Ostorlab now supports creating scans directly from Android Play Store and iOS App Store
Sun 16 August 2020