Ostorlab: Mobile App Security Testing for Android and iOS

Recent in-depth investigations reveal serious vulnerabilities discovered in widely-used zip packages in Flutter and Swift, posing serious security risks for thousands of developers and applications. Our article delves into the technical aspects of these vulnerabilities, explaining their discovery, implications and mitigation strategies.

Ostorlab Team


                    Fri 04 August 2023

Security

Ostorlab's Insecure Flutter Apps: A Playground for Learning and Testing Mobile Security

Ostorlab has open-sourced two Flutter applications, designed to be intentionally insecure for testing and educational purposes. The apps, one native to iOS and the other a Java/C++/Flutter app, highlight a variety of common mobile app vulnerabilities. Available under the Apache-2.0 license, they serve as practical resources for understanding Flutter security.

Ostorlab


                    Mon 10 July 2023

Engineering

Life of a Scan: how OXO's open-source vulnerability scanner works

This article talks about how OXO works under the hood.

Rabson Phiri


                    Tue 02 August 2022

Changelog

View all changes

2 of 2

vulnerability

Defending Against GraphQL Attacks: A Deep Dive into Common Vulnerabilities

Assessing the Large-Scale Exposure of CUPS Vulnerabilities: Chained CVEs Leading to Remote Code Execution

Threat Center v2: Staying Ahead of Vulnerabilities

Ostorlab KEV update for 02 April 2024

Ostorlab KEV update for 11th March 2024

Ostorlab KEV update for 26th February 2024

Latest posts

ZIP Exploitation: Critical Vulnerabilities Found in Popular Zip Libraries in Swift and Flutter

Ostorlab's Insecure Flutter Apps: A Playground for Learning and Testing Mobile Security

Life of a Scan: how OXO's open-source vulnerability scanner works

Changelog

Subscribe to the Ostorlab Newsletter