Ostorlab
Pre-Auth Root RCE Vulnerability in CyberPanel: Deep Dive Exploit Analysis
A technical analysis of a vulnerability in CyberPanel, a Pre-Auth Root RCE, including confirmed exploitation paths, investigated components, and research methodology findings.
Wed 30 October 2024
Ostorlab's Insecure Flutter Apps: A Playground for Learning and Testing Mobile Security
Ostorlab has open-sourced two Flutter applications, designed to be intentionally insecure for testing and educational purposes. The apps, one native to iOS and the other a Java/C++/Flutter app, highlight a variety of common mobile app vulnerabilities. Available under the Apache-2.0 license, they serve as practical resources for understanding Flutter security.
Mon 10 July 2023
zCamera, 100M+ installation app, from remote compromise to data leaks
This article is a technical deep dive, showing how a 100M+ installation image application can expose its user’s images and suffer from remotely exploitable vulnerabilities ranging from SQL injection and intent redirect to arbitrary file download.
Tue 04 July 2023
AI-powered recommendations and fixes, Improved Flutter Detection, and much more
The new release brings a new AI Engine for improved recommendations, powerful new additions to Flutter detection and much more.
Mon 26 June 2023