#iOS Articles
UI call coverage release for dynamic security testing
Ostorlab released the UI call coverage in the analysis environment to show the UI flow exercised during the dynamic security testing.
Ostorlab Nuggets in June issue 5
Health Tech, Compromises and attacks, Instrumentation, Black Hat conferences, eBPF and moreā¦.
Universal bypass of SSL Pinning ... from theory to a full working PoC with LLDB
This article is about bypassing SSL pinning without needing to. Sounds confusing? We will go over the theory, build a full PoC using LLDB in Python and finally extend it to other cool tasks.
5 things every mobile security professional should know about WebViews
This article is about WebViews and the security notions we need to have in mind when using these component in both Android and iOS.
Finding and Validating Hardcoded Keys and Secrets
Hardcoded secrets are easy to find and might open a gate to sensitive data or privileged access. This makes them a great target for Bug Bounty hunters and Attackers.
Application Security Testing on non-Jailbroken iOS from Linux
How to perform security checks of an iOS application file on a non-jailbroken iPhone from a Linux Machine.
Critical attack surface of mobile applications
the Attack Surface of mobile applications.
Testing Cordova Applications
Hybrid frameworks like Cordova offers the advantage of building one app for multiple platform (support for Android, iOS, Windows Phone, FireOS, FirefoxOS ...) . The framework is easy and fast to develop with and offers generally a single API for all platforms.
Best SSL/TLS resources (Attacks, Tools, Talks)
This article will reference the best current resources on SSL/TLS.
