FatalSec

Standard inline hooks triggering Android RASP? In this video we use Renef to hook imported functions via PLT/GOT manipulation, leaving function prologues untouched to evade memory detections. Watch here: youtu.be/ssqe9PEqTYI @Nethella @androidmalware2

@itmagiber 4.6

Claude is a money-making machine if you know how to use it. Here's the ultimate guide in English. Prompts, skills, Claude Code, monetization… it has everything. FREE for 24 hours only! To get it: 1. Like this post 2. Comment "4.6" 3. Follow me to receive a DM

Syscall Tracer🔥🔥 Sometimes it’s useful to observe the system calls happening inside a given target process. Especially if the target includes some kind of Frida detection, root detection, or any other kind of Runtime Application Self-Protection (RASP). frida.re/news/2026/03/0…

#AndroidSecurity #RASP #ReverseEngineering Frida blocked by advanced RASP? New Video of "Defeating Modern RASP" is live on FatalSec! Watch us bypass GarudaDefender using the Renef framework, stealthy process injection, and Lua Java hooks. Watch Here: youtu.be/zAQ1iYnpUQg

Library of skills for AI agents github.com/sickn33/antigr…

I took time to wrap up some notes about PAC and play with it! blog.reversesociety.co/blog/2026/poin…

"Dr. Bytecode or: How I Learned to Stop Worrying and Obfuscate Java" A tale about how @farenain started his journey in Java software obfuscation. blog.quarkslab.com/how-to-write-y…

Cracked @8kSec Challenge 3 by digging deep into Swift memory layouts and spoofing GPS location. We analyze struct offsets, decode metadata, and use Frida to teleport past the location anti-cheat. Watch here: youtu.be/8bF6YZLC6Sw

@hermes_tool1 Getting 404 Not Found!

@HeWhomCodes Yeah I read the description but I thought that it’s would be bare minimum implementation just required to boot up the iOS. But if it’s a full fledged Secure Enclave emulation then it’s awesome. Can’t wait to test it.

@SecFatal Whoops, auto-correct. I mean Secure Enclave. And we emulated the Secure Storage Component inside it as well.

surprise! got iOS 18.5 booting up to SpringBoard in my Apple Silicon emulator, Inferno, no proprietary components. it's the first ever open source emulator to run iOS 18. however not very stable due to memory corruption, we are working to resolve it, then it will go public. will be a big win for the OSS and iOS security research community.

@_inside Are you planning to make it public?

After improving my GPU driver patch, the iOS VM now has fully* working Metal rendering 🥹 * WebKit rendering is still broken, but it's the only broken thing I could find

Since a recent firmware included components for a virtual iPhone, I decided to see if I could boot one up. This is a virtualized iPhone 16 running iOS 26.2. Don't get too excited, as this required a lot of IPSW patches and SpringBoard crashes when I swipe up in the setup screen.

🚨 REcon 2026 is LIVE! 🚀 Call for papers and registration are now open! Join the world's top reverse engineers & exploit devs in Montreal: 🛠 Trainings: June 15-18 (19 hands-on classes – AI agents, kernel exploits, Rust/Go reversing, fault injection & more!) 📅 Conference: June 19-21 Tickets & early bird now open → recon.cx Shoutout to the legends teaching: @SinSinology @KyleMartin @MalachiJonesPhD @andreyknvl @mr_phrazer @yarden_shafir @DrCh40s @pulsoid + more elite instructors! See website for all trainers and session info. Limited spots – see you in MTL! #REcon2026 #ReverseEngineering

@hookgab Hi, I didn’t realise that DMs are disabled! I have enabled the DMs now let’s discuss.

@SecFatal Hey, enable your DMs. In the meantime did you check Katarina? It's pretty much the same thing, maybe we can merge the projects as some feature are complementary between the two repos. github.com/huuck/Katalina

#BytecodeEmulator Just open-sourced a Dalvik bytecode emulator 🎉 It's useful for string decryption and static analysis of Android apps/malware. No need to run a full Android environment - just point it at an APK and a method to emulate. GitHub: github.com/fatalSec/DaliVM

#MobileSecurity #SecurityResearch Bypassing Android System Library Integrity Checks! Learn how to defeat checks that flag your Frida hooks. We dive deep into system libraries memory modification techniques. Don't let integrity checks stop your research. youtu.be/8FZYmsDUj-c

@abhinavs279 Glad that it helped in your learning!

@SecFatal thanks for the arm64 beginner vids, helped me start w asm thank you

Unlock iOS reverse-engineering skills with the @8kSec Challenge2 — a hands-on guide to static analysis & runtime manipulation. Dive in, level up, and break new ground in mobile security! Watch here: youtu.be/c8UkuOxTWCk #iOSHacking #ReverseEngineering #8KSEC

#iOSReverseEngineering #Frida #8KSEC #MobileSecurity I take on @8kSec iOS Challenge 1 — FridaInTheMiddle 🔍 ✔️ Bypass Frida detection ✔️ Hook Swift symbols ✔️ Parse Swift strings to capture the flag Watch here: youtu.be/C2U85c799JI @mobilesecurity_

Learn how to intercept & decrypt encrypted traffic in Flutter Android apps – even with SSL pinning & obfuscation! Perfect for #MobileSecurity & #AppPentesting pros. 📺 Watch now: youtu.be/Pw4_lepwVEs #Flutter #CyberSecurity #Frida #ReverseEngineering #AESDecryption