8kSec

603 posts

@8kSec

Offensive Security Trainings and Services. OnDemand Mobile Security & AI Security Courses - https://t.co/B8Q31o3VXY. Linkedin: @8ksec

United States · Joined August 2022
538 Following · 3.3K Followers
Pinned Tweet
8kSec@8kSec·
MCP servers can expose file read/write tools to AI assistants. When they do, unsafe path handling can let requests escape the intended workspace. Here are two path traversal bugs showing up in many MCP file servers.
Who needs to act:
→ Developers: check read_file + write_file for path validation and the fix is ~3 lines of Python
→ Security engineers: the example paths with traversal pattern mentioned in the image are your audit checklist
→ Security leads: no filesystem sandbox, and MCP tools run with full host process permissions
Bookmark this! Find detailed lesson: academy.8ksec.io/course/practic…
8kSec@8kSec·
This blog from our Mobile Malware series breaks down Xenomorph, an Android banking trojan that loads its DEX payload via JNI, bypassing standard DexClassLoader to evade hooks. Tools: JADX, Simplify, Medusa (Frida), Ghidra 8ksec.io/mobile-malware…
8kSec@8kSec·
This blog walks through Android deep link and WebView exploitation, bypassing host validation to exfiltrate credentials from shared_prefs via JavaScript: 8ksec.io/android-deepli… Tested on InsecureShop using ADB + Frida.
8kSec@8kSec·
Thinking about a Threat Modeling Checklist for AI Systems? This graphic maps 6 key stages of an AI attack kill chain to MITRE ATLAS, with an honest defense verdict at each stage.
Two stages are undefendable by design:
· Reconnaissance looks identical to normal usage
· Resource Development happens entirely offline
Always remember that your strongest interception points are stages 4 and 5 🎯
📌 Bookmark this for your next AI architecture review or threat modeling session.
🔗 Learn AI Security in depth: academy.8ksec.io/course/practic…
8kSec@8kSec·
8kSec is bringing Offensive Mobile Reversing and Exploitation to RomHack 2026. 4 days of hands-on training in Rome. Sep 28 – Oct 1. ARM64, Frida, Ghidra, and Corellium access included. You will explore Mobile Application security as well as iOS and Android mitigations like PAC, SPTM, TXM, RKP, SELinux, plus AI-driven reversing. 🎟 Enroll at the early bird rate: romhack.io/training/2026/…
8kSec@8kSec·
@0xor0ne Really appreciate the mention, @0xor0ne. Hope the series helps others along their learning journey.💪
8kSec@8kSec·
This blog covers forensic detection on a real infected iOS device using MVT: 8ksec.io/mobile-malware… Three methods compared: jailbroken filesystem dump, iTunes backup, sysdiagnose logs. Each surfaces different IOC artifacts for the same Pegasus and KingSpawn indicators.
8kSec@8kSec·
Part 4 of our Mobile Malware Analysis series focuses on iOS malware detection. We cover forensic artifact collection using sysdiagnose, idevicebackup2, and mvt, along with key IOCs to hunt across Calendar databases, TCC, and Keychain analytics. 8ksec.io/mobile-malware…
8kSec@8kSec·
🔐 New Modules Just Dropped: Threat Modeling, AI Governance & Fine-Tuning LLMs for Security Three new modules in Practical AI Security: Threat Modeling (STRIDE, MAESTRO, MITRE ATLAS), AI Governance (EU AI Act, NIST AI RMF), Fine-Tuning LLMs (QLoRA, phishing + ATT&CK labs): academy.8ksec.io/course/practic…
8kSec@8kSec·
From our blog archives: Part 3 of our Pegasus malware writeup. Nearly 90% of the declared Android components ship with no code in the APK. Everything meaningful is pulled in at runtime via DexClassLoader, and heavy use of getMethod()/invoke() makes static analysis almost useless. We also reverse take_screenshot, libk, and addk. Full writeup: 8ksec.io/mobile-malware…
8kSec@8kSec·
We’ve reviewed hundreds of submissions for 8kSec Battlegrounds. But we haven’t reviewed yours yet 🧐
8kSec Battlegrounds offers free mobile and AI security labs designed to challenge your skills across different difficulty levels.
‣ Hands-on scenarios.
‣ Progressive challenges.
‣ Certificate upon successful completion.
Over 2,000 professionals have already joined. Ready to test yourself? 8ksec.io/battle/
8kSec@8kSec·
🚨🚨 We’re back with a new entry in our Mobile Malware Analysis series! This time, we’ll look at deVixor, which is a sophisticated Android banking trojan with ransomware capabilities targeting Iranian financial institutions. 👉 Read the full technical analysis: 8ksec.io/mobile-malware… #MobileSecurity #AndroidSecurity #Malware #DFIR
8kSec@8kSec·
Congratulations to the students who earned their 8kSec certifications over the last few weeks, each completing a 24–48 hour hands-on exploitation exam.
• Adrian Castañeda – Certified Android Security Researcher (CASR)
• Marcos González Sanz – Certified Android Security Researcher (CASR)
• Shivam – Offensive Mobile Security Expert (OMSE)
• Abdulraheem Khaled @Abdulrah33mK – Certified Mobile Security Engineer (CMSE)
• Patchathep Chummanee – Certified Mobile Security Engineer (CMSE)
• Ken Kitahara – Offensive Mobile Security Expert (OMSE)
• Swagat Kumar @webspl01t3r – Certified Mobile Security Engineer (CMSE)
• Alan K L Chung – Offensive Mobile Security Expert (OMSE)
Each candidate worked in a uniquely provisioned live lab, identifying and exploiting real vulnerabilities across real-world attack scenarios, then submitted a full vulnerability assessment report with findings, attack paths, and remediation, all of which was reviewed by our trainers.
We truly appreciate the hard work that went into this. Congratulations on your achievement! Learn more about the 8kSec Certifications: 8ksec.io/certifications
8kSec@8kSec·
Unity games expose their own source code. We break down the full RE process here: 8ksec.io/hacking-androi…. libil2cpp.so + global-metadata.dat → il2cppdumper → readable DLL. From there: hook CollectMoney with Frida, intercept args, rewrite the value.
8kSec@8kSec·
MasterFred: Android malware that abuses accessibility services to detect target apps via MD5 hash matching, inject HTML overlay login pages, and exfiltrate stolen credentials over Tor. Read the breakdown of the full attack chain here: 8ksec.io/mobile-malware…
8kSec@8kSec·
Detailed video walkthroughs of 3 iOS App Exploitation Labs from our academy by @SecFatal (!) If you’d rather solve them yourself first, no spoilers: academy.8ksec.io/course/ios-app…
Each video walks through the full solution:
- FridaInTheMiddle (Frida Port Detection & Swift String Parsing): youtube.com/watch?v=C2U85c…
- SwizzleMeTimbers (Static Analysis & Runtime Manipulation): youtube.com/watch?v=c8UkuO…
- TraceTheMaps (GPS Spoofing): youtube.com/watch?v=8bF6YZ…
These and other challenges are free to try on the 8kSec Academy. We’re looking forward to seeing the community share different approaches and write-ups.
8kSec@8kSec·
iOS kernel panic logs can tell you more than just “it crashed.” This walkthrough covers extraction, address unsliding, and symbolication — including tracing a PUAF-triggered panic back to pmap enforcement in XNU: 8ksec.io/analyzing-kern…