Articles by

Alaeddine Mesbahi

New OWASP Mobile Top 10

Release of new OWASP Mobile Top 10 with improvements, updates and a behind the scenes.

Product

Where are all these 3rd party SDKs sending my users' data? 😨

Ostorlab’s new features are laser-focused on helping teams understand, track and search their attack surface, what attackers are seeing and targetting, and basically what can get an organization hacked.

Thu 02 February 2023

Product

2022 at Ostorlab

2022 is a year that brings with it many global challenges, including war, economic uncertainty, and rising inflation in many parts of the world. Despite these challenges, we at Ostorlab are grateful to have had an incredibly successful year.

Tue 03 January 2023

Security

Text4Shell (CVE-2022-42889) in Mobile Applications ... should I worry?

CVE-2022-42889 is a vulnerability in the Apache Commons Text Library caused by string interpolation abusing powerful handlers and present in popular application like Amazon Shopping, Udemy and Grammarly. This article goes over the applicability and risk of this vulnerability for Mobile Applications.

Mon 24 October 2022

Improved Attack Surface Discovery, Mobile and Web Security Scanning

Largest release with improvements to Attack Surface, Open-Source, Mobile and Web scanning and much much more.

Ostorlab vs. NowSecure vs. MobSF vs. Immuniweb vs. AppKnox vs. Quixxi vs. Oversecured

This article provides a comprehensive view of the security mobile security scanning solutions, while at the same time highlighting what truly differentiates them.

Latest posts

Ostorlab is Open-Source 🎊

This is a major release open-sourcing Ostorlab and announcing tons of new features and capabilities.

Mon 21 February 2022

New Features, improved ticket management, integrations including Jira support

Vulnerability management is a hard journey, the help enable fixing of vulnerabilities urgently, diligently and efficiently, we are excited to release our new remediation capabilities with a wealth of new features.

Thu 04 November 2021

Release of a new remediation capabilities to enable fast, diligent and efficient fixes

Vulnerability management is a hard journey, the help enable fixing of vulnerabilities urgently, diligently and efficiently, we are excited to release our new remediation capabilities with a wealth of new features.

Wed 06 October 2021

Universal bypass of SSL Pinning ... from theory to a full working PoC with LLDB

This article is about bypassing SSL pinning without needing to. Sounds confusing? We will go over the theory, build a full PoC using LLDB in Python and finally extend it to other cool tasks.

Tue 18 May 2021

Finding superhuman XSS polyglot payloads with Genetic Algorithms

The following article is a technical deep dive into how genetic algorithms can be leveraged to create superhuman XSS polyglot payloads.

Mon 01 March 2021

Ostorlab adds Web Security Scanning to its arsenal

Ostorlab is adding Web Security Scanner to its arsenal with novel approaches to vulnerability discovery.

Mon 15 February 2021

Two efficient features to continuously monitor mobile applications

Whether we are developing a mobile application or assessing its security, we need to continuously review it with every new release. Repetitively building the app, uploading the file, and creating a scan quickly becomes an annoyance. Ostorlab is excited to announce the introduction of two new features to ease the burden of testing your app.

Sat 24 October 2020

Create scans directly from the Android and iOS Store

Ostorlab now supports creating scans directly from Android Play Store and iOS App Store

Sun 16 August 2020


Previous
1 of 2