Boris Batteux

Did you know that Google Play Store is the most popular channel for threat actors to distribute #malware to target mobile banking apps? Learn more here: hubs.la/Q02hpXDV0 #FinTech #Android #AppSec

SQL Injection is still present in 2023 on mobile platforms 📱. If you think iOS is more secure than Android because it’s difficult to misconfigure, this article will change your mind! Happy to share my very first CVE-2023-41387. #MobileSecurity #flutter seredynski.com/articles/explo…

In our latest blog post, we delve into some intricacies of the Android permission system. Check out how we pushed the boundaries of custom permissions and unveiled CVE-2023-20947 by harnessing a solver approach! 🔓 blog.thalium.re/posts/leveragi…

The Accessibility Service on Android is an impactful feature for people with disabilities. However, it also comes with security risks. Here, you can learn how to protect against them: hubs.la/Q01HFw0n0 #MobileAppSecurity #Accessibility #CyberSecurity

I've ported SiMBA (MBA Simplification Tool) to C/C++, added enhancements, multithreading support and boosted the performance 🚀🚀🚀 (github.com/pgarba/SiMBA-)

Really cool to see this integrated IDA. Performances are awesome!

Our new decompiler plugin is now available! gooMBA is here to help when you’re struggling with a ‘'mixed boolean arithmetic”-obfuscated binary. Read more 🌐 hex-rays.com/blog/deobfusca… #HexRays #HexRaysDecompiler #IDAPro

We’ve just published a new Plugin Focus blog post! Joxean Koret (@matalaz) from Activision introduces his binary diffing plugin #Diaphora. Read more: hex-rays.com/blog/plugin-fo… #PluginFocus #IDAPro #IDAPython #IDAPlugin

Another great Plugin Focus blog post is out! Marc-Étienne Léveillé introduces the IPyIDA plugin. Learn how this IDA add-on makes prototyping and Python plugin and script development friendlier 🌐 hex-rays.com/blog/plugin-fo… #PluginFocus #IDAPro #IDAPython #IDAPlugin

Great post by @vinopaljiri about techniques for invoking functions directly from assembly: IDA Appcall, Dumpulator and Unicorn Engine research.checkpoint.com/2022/native-fu… #reverseengineering #malwareanalysis #informationsecurity #cybersecurity #assembly

IDA handles direct calls and adds cross-references automatically. What could you do when you are dealing with indirect calls? Check how to set callee addresses manually 🌐 hex-rays.com/blog/igors-tip… #IgorsTipOfTheWeek #IDAtips #IDAPro #IndirectCalls

Time for a brief thread on one of @HexRaysSA most powerful classes provided as part of their IDA Python API The humble insn_t class Understanding this type will help you in all sorts of ways, including my favorite, generating YARA signatures Let's begin...

control flow unflattening of an android rasp sdk eybisi.run/Control-Flow-U…

Lets goo. Made some additions to gitlab.com/eshard/d810 and voila🥳 Finally a good blog post subject + will be explaining some ida internal errors I encounter while playing with hexray microcode api👽Blog post soon🤠

In the final blog of our Flutter app reverse engineering series, we look at how classical attacks apply to Flutter apps. Follow along as we investigate using techniques like code patching and hooking for cheating: hubs.la/Q01pqJ2P0 #reverseengineering #Flutter #FlutterDev

TrollStore, a new iOS tool, prompts developers to rethink their #MobileAppSec as they can no longer rely on #Jailbreak or repackaging detection to stop modded #iOS apps. See how #TrollStore is impacting the industry. hubs.la/Q01nrT-N0 #iOSDev

The results are out! We are very honoured to have won first place🥇in the Hex-Rays plugin contest 2022 🎉 Our entry was "ttddbg", a time-travel debugging plugin for IDA already presented at #SSTIC 2022. Many congratulations to all the other entrants!

📝New research by @lmpact_l: "Fork Bomb for Flutter" There are more and more Flutter applications, and security analysis of these apps is in high demand. Our member Phil shares his knowledge and presents his reFlutter tool. Read the article: swarm.ptsecurity.com/fork-bomb-for-…

We investigate a bootloader on the #android13 update that increments an anti-roll back version and might put the users of Google Pixel 6 at risk. eshard.com/posts/pixel6_b…

An IDA helper script to draw outlined func graphs: gist.github.com/NyaMisty/79047…