Security

Universal bypass of SSL Pinning ... from theory to a full working PoC with LLDB

This article is about bypassing SSL pinning without needing to. Sounds confusing? We will go over the theory, build a full PoC using LLDB in Python and finally extend it to other cool tasks.

Alaeddine Mesbahi
Tue 18 May 2021

Security

5 things every mobile security professional should know about WebViews

This article is about WebViews and the security notions we need to have in mind when using these component in both Android and iOS.

Tue 18 May 2021

Product

May 2021

We are pleased to announce a set of new improvements

Sat 01 May 2021

Product

April 2021

We are pleased to announce a set of new improvements

Thu 01 April 2021

Security

Ostorlab detects Dependency Confusion

Dependency Confusion is a new attack with high severity impact. This article is an overview of the vulnerability as well as other supply chain attacks.

Wed 03 March 2021

Product

March 2021

We are pleased to announce a set of new improvements

Mon 01 March 2021

Latest posts

Security

Finding superhuman XSS polyglot payloads with Genetic Algorithms

The following article is a technical deep dive into how genetic algorithms can be leveraged to create superhuman XSS polyglot payloads.

Mon 01 March 2021

Security

News and Updates of Week 8

This weeks is marked by multiple high profile data breaches affecting Cashalo, Npower, Kia, T-Mobile and Clubhouse.

Sun 28 February 2021

Product

Ostorlab adds Web Security Scanning to its arsenal

Ostorlab is adding Web Security Scanner to its arsenal with novel approaches to vulnerability discovery.

Mon 15 February 2021

Product

February 2021

We are pleased to announce a set of new improvements

Mon 01 February 2021

Product

Release of a new analysis environment to aid manual assessment

New Analysis Environment with access to disassembly, decompiled source, call trace, function tagging and many other features.

Mon 11 January 2021

Product

January 2021

We are pleased to announce a set of new improvements

Fri 01 January 2021

Product

December 2020

We are pleased to announce a set of new improvements

Tue 01 December 2020

Security

Finding and Validating Hardcoded Keys and Secrets

Hardcoded secrets are easy to find and might open a gate to sensitive data or privileged access. This makes them a great target for Bug Bounty hunters and Attackers.

Fri 30 October 2020

Changelog

View all changes

CNIL Standard Integration, SARIF Support, Copilot Enhancements, and Smarter Vulnerability Analysis.

 Mon 07 April 2025

Ostorlab's Security Scanner GitHub App,Ticket Aggregation V2, Copilot Launch, and Enhanced Security Features

 Thu 20 February 2025

AI-automated Attack surface, Privacy Analysis, Wordpress agent, and more.

 Mon 20 January 2025

Advanced Search Query, API Endpoints, Tons of new detections, and more.

 Mon 02 December 2024
Previous
9 of 15
Next