Ostorlab: Mobile App Security Testing for Android and iOS

Alaeddine Mesbahi

Co-Founder and CEO LinkedIn

Alaeddine Mesbahi is the co-founder and CEO of Ostorlab, where he leads the company's vision for automated security testing and vulnerability management. Before founding Ostorlab, he held roles at Google on the security automation team and at Cisco's Trust Office. Alaeddine started his career as a penetration tester, building deep hands-on expertise in offensive security and technical research. He has presented at leading industry conferences including Black Hat US, BruCon, and OWASP AppSec, and holds several professional certifications such as OSCP, OSCE, and GREM.

Articles by Alaeddine Mesbahi

Security

Finding superhuman XSS polyglot payloads with Genetic Algorithms

The following article is a technical deep dive into how genetic algorithms can be leveraged to create superhuman XSS polyglot payloads.

Alaeddine Mesbahi


            Mon 01 March 2021

Product

Ostorlab adds Web Security Scanning to its arsenal

Ostorlab is adding Web Security Scanner to its arsenal with novel approaches to vulnerability discovery.

Alaeddine Mesbahi


                  Mon 15 February 2021

Security

Autonomous Security: Pushing Security Automation to the Next Level

The article introduces the term Autonomous Security in the context of security scanning and defin...

Alaeddine Mesbahi, Amine


                  Mon 26 October 2020

Product

Two efficient features to continuously monitor mobile applications

Whether we are developing a mobile application or assessing its security, we need to continuously...

Alaeddine Mesbahi


                  Sat 24 October 2020

Product

Create scans directly from the Android and iOS Store

Ostorlab now supports creating scans directly from Android Play Store and iOS App Store

Alaeddine Mesbahi


                  Sun 16 August 2020

Security

How to Carry out Nation-scale Mobile Devices Compromise: COVID-19 Contact Tracing App BeAware Bahrain Review

Mobile security testing of Covid-19 Contact Tracing Application BeAware

Alaeddine Mesbahi, Amine Mesbahi, Guillaume Lopes


                  Sun 05 July 2020

Latest posts

Security

COVID-19 Contact Tracing App Wiqaytna Mobile Application Security Review

Mobile security testing of Covid-19 Contact Tracing Application Wiqaytna

Alaeddine Mesbahi, Amine Mesbahi, Guillaume Lopes


                    Mon 15 June 2020

Product

What's New in Ostorlab Mobile Security Scanner 2020.05.08

Xamarin decompilation, deprecated TLS protocols, hardcoded secrets and even more, Owasp top 10

Alaeddine Mesbahi


                    Fri 08 May 2020

Engineering

Detection Engine @ Ostorlab

Overview of the detection capabilities provided by Ostorlab

Alaeddine Mesbahi


                    Fri 01 May 2020

Product

What's New in Ostorlab 2020.04

Better management of scan lifecycle, export scan results and subscriptions

Alaeddine Mesbahi


                    Wed 08 April 2020

Security

DOM XSS Fuzzing strategies - Part 1

XSS are still by far the most common type of vulnerabilities, this article presents strategies to automate the search for XSSes.

Alaeddine Mesbahi


                    Sat 22 December 2018

Changelog

View all changes

2 of 2

Alaeddine Mesbahi

Finding superhuman XSS polyglot payloads with Genetic Algorithms

Ostorlab adds Web Security Scanning to its arsenal

Autonomous Security: Pushing Security Automation to the Next Level

Two efficient features to continuously monitor mobile applications

Create scans directly from the Android and iOS Store

How to Carry out Nation-scale Mobile Devices Compromise: COVID-19 Contact Tracing App BeAware Bahrain Review

Latest posts

COVID-19 Contact Tracing App Wiqaytna Mobile Application Security Review

What's New in Ostorlab Mobile Security Scanner 2020.05.08

Detection Engine @ Ostorlab

What's New in Ostorlab 2020.04

DOM XSS Fuzzing strategies - Part 1

Changelog

Subscribe to the Ostorlab Newsletter