5 things every mobile security professional should know about WebViews
This article is about WebViews and the security notions we need to have in mind when using these component in both Android and iOS.
Tue 18 May 2021
May 2021
We are pleased to announce a set of new improvements
Sat 01 May 2021
April 2021
We are pleased to announce a set of new improvements
Thu 01 April 2021
Ostorlab detects Dependency Confusion
Dependency Confusion is a new attack with high severity impact. This article is an overview of th...
Wed 03 March 2021
Finding superhuman XSS polyglot payloads with Genetic Algorithms
The following article is a technical deep dive into how genetic algorithms can be leveraged to create superhuman XSS polyglot payloads.
Latest posts
News and Updates of Week 8
This weeks is marked by multiple high profile data breaches affecting Cashalo, Npower, Kia, T-Mobile and Clubhouse.
Sun 28 February 2021
Ostorlab adds Web Security Scanning to its arsenal
Ostorlab is adding Web Security Scanner to its arsenal with novel approaches to vulnerability discovery.
Mon 15 February 2021
Release of a new analysis environment to aid manual assessment
New Analysis Environment with access to disassembly, decompiled source, call trace, function tagging and many other features.
Mon 11 January 2021
Finding and Validating Hardcoded Keys and Secrets
Hardcoded secrets are easy to find and might open a gate to sensitive data or privileged access. This makes them a great target for Bug Bounty hunters and Attackers.
Fri 30 October 2020
Autonomous Security: Pushing Security Automation to the Next Level
The article introduces the term Autonomous Security in the context of security scanning and defines 5 tiers of maturity.
Mon 26 October 2020