This article offers a guide to Privacy Manifest files in Apple's ecosystem, stressing their importance for transparency and compliance, especially with the upcoming 2024 mandate, outlining steps for implementation, and underscoring their role in promoting user trust and adherence to regulations.


Enhancing PostMessage XSS Detection with Proxy Object Instrumentation

The article introduces a new method for detecting PostMessage Cross-Site Scripting (XSS) vulnerabilities using JavaScript Proxy objects, which enhances traditional dynamic fuzzing techniques.

Thu 04 April 2024


Swift Under the Microscope: Practical Dynamic Instrumentation

Article on Swift Dynamic Instrumentation. The article explains the steps to perform dynamic analysis of Swift-based application, covering name mangling, Swift ABI & extraction of function arguments in Swift.

Mon 11 March 2024


Strategies for writing super fast Python

In this article, we look at different ways to improve the performance of Python which is an interpreted language.

Tue 18 April 2023

Ostorlab's Fix it! practice is one of our most successful engineering practices helping us eradicate bugs and kill technical debt.

Tips and tricks to make your life easier when developing & debugging OXO Agents.

Latest posts

Life of a Scan: how OXO's open-source vulnerability scanner works

This article talks about how OXO works under the hood.

Tue 02 August 2022

What I've learned from my first job as a Software Engineer at Ostorlab

This article talks about the experience of Rabson Phiri who works as a Software Engineer at Ostorlab.

Tue 19 April 2022

Detection Engine @ Ostorlab

Overview of the detection capabilities provided by Ostorlab

Fri 01 May 2020

Nuxt.js debugging in Webstorm

How to debug Nuxt.js application on Webstorm

Fri 18 October 2019

Taking Cloud Run for a Test drive

We took Cloud Run for a Test Drive, these are we what learnt.

Wed 16 October 2019

Android external libs!

For an Android developer, it has become standard practice to use external libraries to easily extend the functionalities of the mobile application . Thanks to Gradle easy dependency integration, features like HTTP frameworks, database ORM, fancy scrolling, efficient image loading, caching, social network integration and many others can be added easily.

Tue 01 November 2016

Python Concurrency and Parallelism: building a custom ProcessPoolExecutor

At Ostorlab we scan hundreds of Mobile Applications each day, each scan is very resource intensive but at the same time, since the beginning, we had to optimize the code for speed and maximize use of cloud resources.

Mon 18 July 2016