AI
Automating Security Research: AI Engine Exploits Complex Blind Code Injection
Precision beats payload spray using Ostorlab's AI engine to systematically land RCE on Titiler and proves exfiltration without a single stack trace.
Thu 04 September 2025
AI-Powered Pentesting: A Deep Dive into Android Intent Redirection
This article showcases Ostorlab's AI Pentest Engine's process for analyzing an Android applicatio...
Sun 31 August 2025
Automating Security Research: AI Engine Exploits GCP Service Account Secret
This article presents a thorough, hands-on analysis and real-world exploitation of a hardcoded GC...
Thu 28 August 2025
Automating Security Research: AI Engine Exploits Report Portal XXE (CVE-2021-29620)
This article presents a thorough, hands-on analysis and proof of concept for exploiting an OOB XX...
Thu 07 August 2025
From Random to Intelligent: How AI-Powered Monkey Testing Achieves 10x Mobile App Coverage
Ostorlab’s AI Monkey Tester transforms mobile app security testing by using natural language prompts and generative AI to automatically generate intelligent, context-aware test scenarios, resulting in up to a 10x increase in application coverage compared to traditional, rule-based testing approaches.
Automating Security Research: AI Engine Exploits Zulip Stored XSS (CVE-2025-52559)
This article presents a thorough, hands-on analysis and proof of concept for exploiting the stored XSS vulnerability CVE-2025-52559 in Zulip. It details how Ostorlab's AI-powered pentesting engine was used to automate the full cycle.
Latest posts
Bypassing Obfuscation in Android Apps: A Dual Approach with DalvikFLIRT and LLM-Powered Rewrites
This research introduces a pioneering dual approach that combines signature-based matching (DalvikFLIRT) with LLM-powered code transformation to bypass sophisticated Android app obfuscation, enabling automated security analysis of previously impenetrable code.
Wed 16 April 2025
From Moonshot to Production: Building Ostorlab Copilot
This article outlines our journey in implementing ostorlab copilot, the challenges we encountered, and the lessons we learned along the way.
Mon 24 February 2025
Ostorlab's Security Scanner GitHub App,Ticket Aggregation V2, Copilot Launch, and Enhanced Security Features
February's update introduces Ticket Aggregation V2 and Ostorlab Copilot, alongside improvements to reporting capabilities and detection mechanisms. These updates enhance vulnerability management, user experience, and security analysis across the platform.
Thu 20 February 2025
AI-Automated Attack Surface Management: The Future of Cybersecurity Discovery
This article explores AI-automated attack surface management, its impact on cybersecurity, and how it automates asset discovery and vulnerability detection.
Fri 14 February 2025
AI-automated Attack surface, Privacy Analysis, Wordpress agent, and more.
Ostorlab's January 2025 update introduces AI-powered attack surface discovery and improves IDE performance. The release expands detection capabilities with new secret and privacy checks, adds a WordPress security agent, and implements additional threat fingerprints and CVE support. A new Privacy profile for compliance analysis is launched, along with enhancements to scan options and vulnerability reporting. These updates aim to improve asset analysis, security assessments, and risk mitigation across various digital environments.
Mon 20 January 2025
Revolutionizing Mobile Security Testing with Ostorlab's AI-Powered Monkey Tester
Introducing the AI-powered Monkey Tester in the Ostorlab mobile vulnerability scanner, significantly boosting test coverage and speed for a more comprehensive and efficient testing experience.
Tue 16 July 2024
New Features & Fixes in July 2023
We're excited to bring you a host of enhancements and features: open-source Flutter vulnerability detection, extended social auth support for Google and Github, AI-enhanced summaries, a sleek notification UI, and advanced search filters. We've improved geofencing support for India and UK, added new Flutter-specific detection rules, and fixed bugs in various areas. With a freshly redesigned blog and smoother navigation testing for Webview on Android and iOS, we're making your experience even better.
Sat 01 July 2023
Changelog
View all changesAI-automated Attack surface, Privacy Analysis, Wordpress agent, and more.
Mon 20 January 2025
New Features & Fixes in July 2023
Sat 01 July 2023