Ostorlab: Mobile App Security Testing for Android and iOS

Articles by

Ostorlab Team

Android external libs!

For an Android developer, it has become standard practice to use external libraries to easily extend the functionalities of the mobile application . Thanks to Gradle easy dependency integration, features like HTTP frameworks, database ORM, fancy scrolling, efficient image loading, caching, social network integration and many others can be added easily.

Ostorlab Team


            Tue 01 November 2016

Security

Vulnerabilities tested by Google Play Store

Google will start identifying security weaknesses in Apps pushed to the Play Store...

Ostorlab Team


                  Mon 05 September 2016

Engineering

Python Concurrency and Parallelism: building a custom ProcessPoolExecutor

At Ostorlab we scan hundreds of Mobile Applications each day, each scan is very resource intensive but at the same time, since the beginning, we had to optimize the code for speed and maximize use of cloud resources.

Ostorlab Team


                  Mon 18 July 2016

Security

New in Android M and N: Runtime Permissions

In Android, the permission system was one of the major security concerns of the platform for many reasons...

Ostorlab Team


                  Fri 27 May 2016

Security

Android SSL certificate pinning to prevent Man-in-the-middle attack

Implementing SSL certificate pinning in mobile apps to secure the communication between the user's device and the backend

Ostorlab Team


                  Wed 11 May 2016

Security

Reversing JNI, or how Facebook is crashing their own application

Apparently Facebook is crashing their apps intentionally in order to test users reaction and evaluate their adherence to Facebook service. This post is however not about the user's behavioral analysis, but about the technical aspects of how it is done - or just an excuse to dive into JNI reversing.

Ostorlab Team


                  Thu 07 January 2016

Latest posts

Security

What every pentesters should learn in 2016

The last years have come with meaningful changes in the way IT professionals operate and the way we approach security...

Ostorlab Team


                    Sat 02 January 2016

Product

Ostorlab Beta is out

We are pleased to release the Beta version of our online mobile application security scanner.

Ostorlab Team


                    Sun 20 December 2015

Security

Best SSL/TLS resources (Attacks, Tools, Talks)

This article will reference the best current resources on SSL/TLS.

Ostorlab Team


                    Tue 25 August 2015

Changelog

View all changes

Expanded Privacy Analysis, Attack Surface Profiling, and GitHub Source Mapping Improvements


                  Mon 12 May 2025

CNIL Standard Integration, SARIF Support, Copilot Enhancements, and Smarter Vulnerability Analysis.


                  Mon 07 April 2025

Ostorlab's Security Scanner GitHub App,Ticket Aggregation V2, Copilot Launch, and Enhanced Security Features


                  Thu 20 February 2025

AI-automated Attack surface, Privacy Analysis, Wordpress agent, and more.


                  Mon 20 January 2025

10 of 10

Ostorlab Team

Android external libs!

Vulnerabilities tested by Google Play Store

Python Concurrency and Parallelism: building a custom ProcessPoolExecutor

New in Android M and N: Runtime Permissions

Android SSL certificate pinning to prevent Man-in-the-middle attack

Reversing JNI, or how Facebook is crashing their own application

Latest posts

What every pentesters should learn in 2016

Ostorlab Beta is out

Best SSL/TLS resources (Attacks, Tools, Talks)

Changelog

Expanded Privacy Analysis, Attack Surface Profiling, and GitHub Source Mapping Improvements

CNIL Standard Integration, SARIF Support, Copilot Enhancements, and Smarter Vulnerability Analysis.

Ostorlab's Security Scanner GitHub App,Ticket Aggregation V2, Copilot Launch, and Enhanced Security Features

AI-automated Attack surface, Privacy Analysis, Wordpress agent, and more.

Subscribe to the Ostorlab Newsletter