Ostorlab Team Articles


Mobile
Android external libs!
Tue 01 November 2016

For an Android developer, it has become standard practice to use external libraries to easily extend the functionalities of the mobile application . Thanks to Gradle easy dependency integration, features like HTTP frameworks, database ORM, fancy scrolling, efficient image loading, caching, social network integration and many others can be added easily.

Mobile
Vulnerabilities tested by Google Play Store
Mon 05 September 2016

Google will start identifying security weaknesses in Apps pushed to the Play Store...

Programming
Python Concurrency and Parallelism: building a custom ProcessPoolExecutor
Mon 18 July 2016

At Ostorlab we scan hundreds of Mobile Applications each day, each scan is very resource intensive but at the same time, since the beginning, we had to optimize the code for speed and maximize use of cloud resources.

Mobile
New in Android M and N: Runtime Permissions
Fri 27 May 2016

In Android, the permission system was one of the major security concerns of the platform for many reasons...

Mobile
Android SSL pinning, frameworks and implementations
Wed 11 May 2016

When developing a mobile application, securing the communication between the user's device and the backend is an important step to guarantee the safety of the user's data.

Mobile
Reversing JNI, or how Facebook is crashing their own application
Thu 07 January 2016

Apparently Facebook is crashing their apps intentionally in order to test users reaction and evaluate their adherence to Facebook service. This post is however not about the user's behavioral analysis, but about the technical aspects of how it is done - or just an excuse to dive into JNI reversing.

Pentest
What every pentesters should learn in 2016
Sat 02 January 2016

The last years have come with meaningful changes in the way IT professionals operate and the way we approach security...

Ostorlab
Ostorlab Beta is out
Sun 20 December 2015

We are pleased to release the Beta version of our online mobile application security scanner.

Pentest
Best SSL/TLS resources (Attacks, Tools, Talks)
Tue 25 August 2015

This article will reference the best current resources on SSL/TLS.