Securify core story

We provide reality checks to improve cyber security resilience In today’s world, your organization has an ever-growing online presence and a lot of data to…Read more...

Blogs

  • Researching VPN applications - part 3 testing macOS applications

    Introduction In our previous blogs we explained how VPN applications work internally and what implementation mistakes can be made that could result in elevation of privileges. We've also presented some simple steps one could use to find vulnerabilities in Windows VPN applications. In this blog we will describe our…Read more...

  • Researching VPN applications - part 2 testing Windows applications

    Introduction In our previous blog we explained how VPN applications work internally and what implementation mistakes can be made that could result in elevation of privileges. In particular we looked at applications using OpenVPN as a component in their solution as our initial recon indicated that this is where most…Read more...

  • Dynamic string deobfuscation on Android

    Introduction A couple years ago when I analyzed Android malware at Threat Fabric we encountered a time consuming problem. Obfuscated strings, a lot of malware did it and most of them in different ways. Strings are definitely useful while analyzing malware, they give out a lot of information about what is happening…Read more...

  • Android adb reverse tethering mitm setup

    Introduction Traditionally, to inspect traffic for Android apps, the mobile phone and the security analyst’s PC are connected to the same Wi-Fi hotspot. The proxy settings on the mobile phone are configured to point to the analyst’s PC. Typically, an intercepting software such as Burp Suite Pro is configured on the PC…Read more...

  • Researching VPN applications - part 1 VPN internals

    Introduction During the last holiday season, some of us were poking around some VPN clients. In particular we were interested in finding local privilege escalation issues. After testing some clients, we came to the conclusion that they pretty much work the same and most of them suffer from at least one vulnerability…Read more...

Questions or feedback?

Call usphone
Mail usmail