Engineering
Apple Privacy: A Comprehensive Guide to Privacy Manifest Files
This article offers a guide to Privacy Manifest files in Apple's ecosystem, stressing their importance for transparency and compliance, especially with the upcoming 2024 mandate, outlining steps for implementation, and underscoring their role in promoting user trust and adherence to regulations.
Thu 18 April 2024
Enhancing PostMessage XSS Detection with Proxy Object Instrumentation
The article introduces a new method for detecting PostMessage Cross-Site Scripting (XSS) vulnerabilities using JavaScript Proxy objects, which enhances traditional dynamic fuzzing techniques.
Thu 04 April 2024
Swift Under the Microscope: Practical Dynamic Instrumentation
Article on Swift Dynamic Instrumentation. The article explains the steps to perform dynamic analysis of Swift-based application, covering name mangling, Swift ABI & extraction of function arguments in Swift.
Mon 11 March 2024
Strategies for writing super fast Python
In this article, we look at different ways to improve the performance of Python which is an interpreted language.
Tue 18 April 2023
Fix it! at Ostorlab
Ostorlab's Fix it! practice is one of our most successful engineering practices helping us eradicate bugs and kill technical debt.
Tips and tricks for developing & debugging OXO Agents.
Tips and tricks to make your life easier when developing & debugging OXO Agents.
Latest posts
Life of a Scan: how OXO's open-source vulnerability scanner works
This article talks about how OXO works under the hood.
Tue 02 August 2022
What I've learned from my first job as a Software Engineer at Ostorlab
This article talks about the experience of Rabson Phiri who works as a Software Engineer at Ostorlab.
Tue 19 April 2022
Detection Engine @ Ostorlab
Overview of the detection capabilities provided by Ostorlab
Fri 01 May 2020
Taking Cloud Run for a Test drive
We took Cloud Run for a Test Drive, these are we what learnt.
Wed 16 October 2019
Android external libs!
For an Android developer, it has become standard practice to use external libraries to easily extend the functionalities of the mobile application . Thanks to Gradle easy dependency integration, features like HTTP frameworks, database ORM, fancy scrolling, efficient image loading, caching, social network integration and many others can be added easily.
Tue 01 November 2016
Python Concurrency and Parallelism: building a custom ProcessPoolExecutor
At Ostorlab we scan hundreds of Mobile Applications each day, each scan is very resource intensive but at the same time, since the beginning, we had to optimize the code for speed and maximize use of cloud resources.
Mon 18 July 2016