Here is the first blog post about RASP analysis on iOS and some design weaknesses: romainthomas.fr/post/22-08-sin… Note: This is an **ephemeral** blog post, so feel free to grab a copy here: dl.romainthomas.fr Enjoy!

A technical analysis of Pegasus for Android – Part 1 #MobileSecurity #AndroidSecurity cybergeeks.tech/a-technical-an…

I'm happy to publish the second part of the series about iOS (de)Obfuscation and RASP protections. romainthomas.fr/post/22-09-ios… In particular, it introduces a new technique to "hook" syscalls on AArch64 based on 'gum_memory_patch_code' from Frida

I'm happy to release iCDump: a cross-platform Objective-C class dump that can also run on Linux :) Compared to existing projects, iCDump exposes a Python API and relies on LLVM's Clang AST to output the Objective-C metadata. - romainthomas.fr/post/23-01-icd… - github.com/romainthomas/i…

🔒 Exclusive Giveaway Alert! Win a PEN-200 (OSCP) Voucher! 🔒 Hello InfoSec community! 🌐 Elevate your cybersecurity skills and experience with BSides Indore Conference 2023. Participate in our amazing giveaway for a chance to win a PEN-200 (OSCP) Voucher. In order to

August giveaway! We are giving away one seat each for Altered Security September'23 bootcamps! Reply and Retweet to enter. Winners will be announced on 23rd August. Attacking and Defending Azure - Beginner's Edition (CARTP) - alteredsecurity.com/cartp-bootcamp Attacking and Defending