Xenofon Vassilakopoulos, Author at Twelvesec

Bypassing anti-reversing defences in iOS applications

by Xenofon Vassilakopoulos | Oct 10, 2023 | 0 comments

Introduction This blog post provides a walktrough on dynamically bypassing anti-debugging and anti-reversing defences in iOS applications. Furthermore, this blog post is using resources from OWASP MASTG and provides a comprehensive guide that discusses about mobile...

iOS Instrumentation using Corellium, frida and r2frida

by Xenofon Vassilakopoulos | Sep 27, 2023 | 0 comments

Introduction In this blog post we will discuss the use of Corellium emulator in Penetration Testing engagements. This blog post will also provide a walktrough on how to bypass Jailbroken detection using frida and r2frida, a plugin for radare2 that allows to instrument...

Log4Shell – Exploiting a Critical Remote Code Execution Vulnerability in Apache Log4j (CVE-2021-44228)

by Xenofon Vassilakopoulos | Jan 21, 2022 | 0 comments

Introduction This article presents a widespread critical issue that affects many Java applications. Specifically, as per CVE-2021-44228, Apache Log4j2 JNDI features used in configuration, log messages, and parameters do not protect against attacker-controlled LDAP and...

Authorization Token manipulation using Burp Suite extender

by Xenofon Vassilakopoulos | May 5, 2017 | 5 comments

Bypassing anti-reversing defences in iOS applications

iOS Instrumentation using Corellium, frida and r2frida

Log4Shell – Exploiting a Critical Remote Code Execution Vulnerability in Apache Log4j (CVE-2021-44228)

Authorization Token manipulation using Burp Suite extender

LATEST POSTS

TAGS

ΝΟΤΕ

Share This