Recent enhancements to the Frida open-source dynamic instrumentation toolkit greatly ease the process of conducting jailed testing. You no longer have to manually package the Frida Gadget in your target app. As long as the app is debuggable, Frida does that for you. This post will walk you through the process of using Frida on a jailed device.
Many people have heard about mobile man-in-the-middle (MiTM) attacks but aren’t sure just exactly what they are or how they happen. Learn more including the development and security issues that can leave apps vulnerable to MiTM attacks, tips for testing and the layers of network defense that can help you avoid these issues.
In early September, radare2 users and developers from around the globe gathered in Barcelona for r2con, an annual conference celebrating the r2 multi-platform, open-source, reverse engineering framework supported by NowSecure. Around 200 attendees enjoyed four days of hacking, teaching, discussing, coding, socializing and having fun.
The Frida 12.3 open-source software dynamic instrumentation toolkit offers an exciting new app crash reporting feature that provides more details about failed jobs and enhances iOS crash reporting. Learn about this new capability and how it saves Frida users time and improves the experience of NowSecure customers.
Keeping pace with ever-increasing mobile security threats is a team sport that requires the support and performance of many key players. Here at NowSecure, our security research team spends countless hours helping our customers find and fix vulnerabilities to secure their mobile apps. The research group at NowSecure holds multiple responsibilities. Part of its mission
In this post I explain step-by-step how I solved the OWASP Mobile Security Testing Guide (MSTG) Crackme Level 1 using Frida (and how I then automated it).