Ostorlab released the UI call coverage in the analysis environment to show the UI flow exercised during the dynamic security testing.
This article is about bypassing SSL pinning without needing to. Sounds confusing? We will go over the theory, build a full PoC using LLDB in Python and finally extend it to other cool tasks.
This article is about WebViews and the security notions we need to have in mind when using these component in both Android and iOS.
Ostorlab is a community effort to build a mobile application vulnerability scanner to help developers build secure mobile applications. One of the new key components of the scanner detection capabilities is a new shiny static taint engine for Android Dalvik Bytecode that was heavily optimized for performance and low false positives.