Olivia
Online
Hassan Mostafa
@hsanmost
Co-founder & CTO of RASPIRE (YC P26)
Joined April 2020
121 Following
385 Followers
43 Posts
Pinned Tweet
Bypass #Instagram SSL Certificate Pinning for #iOS
https://t.co/kXvoQ7XzYe
#MobileSecurity #iOSsecurity #ReverseEngineering #Hacking #Cybersecurity #InfoSec #Pentest #Bugbountytips #Bugbountytip #Reversetips
#Writeup
RASPIRE (@raspire_) is building app security at AI speed.
As AI accelerates mobile attacks, their platform protects Android and iOS apps from fraud, reverse engineering, and API abuse with zero code changes. They're already securing apps used by 20M+ people across banking, fintech, and healthcare.
Congrats on the launch, @EzV01d & @hsanmost!
https://t.co/0J7Sw3GOHe
Today, we're launching SHIELD 2.0.
A major update to the RASPIRE XTD platform, with significant improvements across protection, visibility, and response for Android and iOS applications.
See what's new in SHIELD 2.0 and how it protects apps in production:
https://t.co/v5QeYBiOEL
#RASPIRE #SHIELD2 #Cybersecurity #AppSecurity #MobileSecurity
A 5-part complete series of on ARM64 exploitation and reversing by @8kSec
Part1: https://t.co/1PwYKJBZYB
Part2: https://t.co/BqZnrMOIAD
Part3: https://t.co/kQqHBKOW2a
Part4: https://t.co/nfDs4aTOvk
Part5: https://t.co/SeNmYBiTMc
@mobilesecurity_
Who to follow
Misty
@MiscMisty
Reverse engineer, CTF player at Nu1L(China) & Tea Deliverers, loves Lolita/JKS, 🌈loves yuri~
Tamir Zahavi-Brunner @[email protected]
@tamir_zb
Security Researcher | DMs are open | @[email protected]
FatalSec
@SecFatal
Technology enthusiast and mobile security researcher experienced in pentesting of mobile apps. Reach out at [email protected] for technical consultation.
Here are some of the presentations I found the most interesting within the macOS/iOS Kernel Security research space in 2022! 🧵
https://t.co/RYu3YDt16b
I'm happy to publish the second part of the series about iOS (de)Obfuscation and RASP protections.
https://t.co/FPzvfbosZp
In particular, it introduces a new technique to "hook" syscalls on AArch64 based on
'gum_memory_patch_code' from @fridadotre
Here is the first blog post about RASP analysis on iOS and some design weaknesses:
https://t.co/mt60kEmbel
Note: This is an **ephemeral** blog post, so feel free to grab a copy here: https://t.co/48D6zCer0k
Enjoy!
Excited to publish my writeup of a novel iOS in-the-wild exploit: The curious case of the fake Carrier .app: https://t.co/VhvbQZ4Mds
How to reverse and exploit iOS binaries, part 2 😈
Read my step-by-step TUTORIAL on exploiting arm64 via:
> buffer overflow attack
> rop chain
I also built another cute binary for u to hacky hack 💕
https://t.co/YzLXItnEYN
It's not everyday new iOS malware is uncovered 👾📲🍎
In our latest (guest) blog post, Taha Karim (@lordx64),
details how attackers are targeting iOS web3 users via malicious profiles & trojanized iOS apps: https://t.co/Lu5xlWvw2E 😱
I've created an awesome list of iOS application security and penetration testing. I hope this helps people to learn more about #iOSsecurity. Your contributions are always welcome!
https://t.co/2nwqPeTJYi
#MobileSecurity #Cybersecurity #InfoSec #Bugbountytips #Bugbountytip
We released version 1.2 of the OWASP MSTG! As this is the first release after a while, there are quite a few changes. More details in our release notes: https://t.co/WQxQjsIZ9M
✅ Download it
✅ Use it
✅ Give feedback via Github Issues
Thank you to all of our supporters!
Stop what you're doing and read this. This leak is going to be the story of the year: (LINK: https://t.co/zhC0LN4TlC)
Here is the blog post about the anti-jailbreak, anti-Frida, anti-debug used in
PokemonGO (featuring @fridadotre and @LIEF_project).
https://t.co/QE50k6RdxD
Apple have fixed three issues reported by Project Zero that were being actively exploited in the wild. CVE-2020-27930 (RCE), CVE-2020-27950 (memory leak), and CVE-2020-27932 (kernel privilege escalation). The security bulletin is available here: https://t.co/4OIReajIp6
New writeup:
"We Hacked Apple for 3 Months: Here’s What We Found"
Featuring...
@bbuerhaus, @NahamSec, @erbbysam, and @_StaticFlow_
https://t.co/XE757tadE9
Zero-day in Sign in with Apple - bounty $100k
https://t.co/9lGeXcni3K
Return of the iOS sandbox escape: lightspeed's back in the race!! The XNU bug @JohnCool__ described last year was reintroduced and is still exploitable in the last version of iOS, as shown by @unc0verTeam: https://t.co/XQHCw5vsXh
Apple just released the list of CVEs that were patched on iOS 13.5, including an official confirmation that the #MailDemon vulnerabilities were patched. The full list of security issues addressed on iOS 13.5 is available at: https://t.co/y6QYbSxm7K
#unc0ver v5.0.0 will be the first 0day jailbreak released since iOS 8!
Every other jailbreak released since iOS 9 used 1day exploits that were either patched in the next beta version or the hardware.
This will be a big milestone for jailbreaking.
Last Seen Users on Sotwe
Trends for you
Most Popular Users
Elon Musk 
@elonmusk
240.1M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
108.9M followers
Narendra Modi
@narendramodi
107M followers
Rihanna
@rihanna
97.3M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.6M followers
KATY PERRY
@katyperry
86.8M followers
Taylor Swift
@taylorswift13
80.6M followers
Lady Gaga
@ladygaga
72.1M followers
Kim Kardashian
@kimkardashian
69.4M followers
YouTube
@youtube
68.6M followers
Virat Kohli
@imvkohli
68.5M followers
Bill Gates
@billgates
63.4M followers
The Ellen Show
@theellenshow
62.5M followers
CNN
@cnn
61.9M followers
Neymar Jr
@neymarjr
61M followers
X
@x
60.9M followers
CNN Breaking News
@cnnbrk
59.9M followers