Our Blog

on ios binary protections

Reading time: ~11 min
I just got off a call with a client, and realised we need to think about how we report binary...

Understanding PEAP In-Depth

Reading time: ~21 min
tl;dr We reported a long standing PEAP bug in all Apple devices that would allow an attacker to force any...

objection – mobile runtime exploration

Reading time: ~4 min
introduction In this post, I want to introduce you to a toolkit that I have been working on, called objection....

PwnBank en route to Vegas

Reading time: ~3 min
Everyone has a mobile phone (ok some have two) and the wealth of information people put into them is staggering....

Too Easy – Adding Root CA’s to iOS Devices

Reading time: ~8 min
With the recent buzz around the iMessage crypto bug from the John’s Hopkins team, several people pointed out that you...

Advanced Cycript and Substrate

Reading time: ~9 min
Mobile assessments are always fun as the environment is constantly evolving. A recent trend has been the use of custom...

Decrypting iPhone Apps

Reading time: ~7 min
This blog post steps through how to convert encrypted iPhone application bundles into plaintext application bundles that are easier to...