FatalSec

124 posts

FatalSec

FatalSec

@SecFatal

Technology enthusiast and mobile security researcher experienced in pentesting of mobile apps. Reach out at [email protected] for technical consultation.

Katılım Ekim 2022
109 Takip Edilen581 Takipçiler
𝚊𝚕𝚔𝚊𝚕𝚒
𝚊𝚕𝚔𝚊𝚕𝚒@alkalinesec·
my new symbolic execution tool bintx is coming along well, this challenge that took hours with angr+z3 takes less than 30 seconds with bintx+binbit. similar results with other long running challenges.
𝚊𝚕𝚔𝚊𝚕𝚒 tweet media
English
2
6
85
5.1K
FatalSec retweetledi
blackorbird
blackorbird@blackorbird·
Introducing usbliter8 An A12/A13 SecureROM exploit A novel iPhone BootROM vulnerability discovered and exploited by our team. It covers the underlying bug, the associated exploitation techniques, and the post-exploitation steps required to achieve application processor's boot-chain compromise. The exploit leverages both a hardware bug in the USB controller and a specific configuration flaw present in the device firmware. ps.tc/pages/blog-usb… poc: github.com/prdgmshift/usb…
blackorbird tweet media
English
1
41
200
16K
FatalSec
FatalSec@SecFatal·
Join the FatalSec community. We have created this new space to continue sharing content, research, tooling, and discussions around reverse engineering, mobile security, pentesting, and low-level internals. Stay active, share knowledge, and keep learning. t.me/+eb4DfS4aXuZlM…
English
0
0
3
407
FatalSec
FatalSec@SecFatal·
Hey folks! I've been getting a lot of DMs for guidance, so decided to take action on it. I'm excited to help folks out and give back to the community via Topmate. Don't hesitate to reach out if you have any questions or just want to say hi! topmate.click/klvge
FatalSec tweet media
English
0
0
3
170
FatalSec
FatalSec@SecFatal·
Ever injected a Frida script just to watch the app instantly crash? Modern RASP actively hunts your hooks. In this video, we build a memory trap, catch the scanner, and deploy a live ARM64 patch to completely blind it. Watch the teardown: youtu.be/yipcDMRHBG4
YouTube video
YouTube
English
0
0
7
728
FatalSec
FatalSec@SecFatal·
Standard inline hooks triggering Android RASP? In this video we use Renef to hook imported functions via PLT/GOT manipulation, leaving function prologues untouched to evade memory detections. Watch here: youtu.be/ssqe9PEqTYI @Nethella @androidmalware2
YouTube video
YouTube
English
1
1
8
808
Magiber Rahman
Magiber Rahman@itmagiber·
Claude is a money-making machine if you know how to use it. Here's the ultimate guide in English. Prompts, skills, Claude Code, monetization… it has everything. FREE for 24 hours only! To get it: 1. Like this post 2. Comment "4.6" 3. Follow me to receive a DM
Magiber Rahman tweet media
English
1.1K
129
1.4K
130.5K
FatalSec retweetledi
Edu Novella
Edu Novella@enovella_·
Syscall Tracer🔥🔥 Sometimes it’s useful to observe the system calls happening inside a given target process. Especially if the target includes some kind of Frida detection, root detection, or any other kind of Runtime Application Self-Protection (RASP). frida.re/news/2026/03/0…
Edu Novella tweet media
English
1
86
339
30.1K
FatalSec
FatalSec@SecFatal·
Cracked @8kSec Challenge 3 by digging deep into Swift memory layouts and spoofing GPS location. We analyze struct offsets, decode metadata, and use Frida to teleport past the location anti-cheat. Watch here: youtu.be/8bF6YZLC6Sw
YouTube video
YouTube
English
2
1
16
1.3K
FatalSec
FatalSec@SecFatal·
@HeWhomCodes Yeah I read the description but I thought that it’s would be bare minimum implementation just required to boot up the iOS. But if it’s a full fledged Secure Enclave emulation then it’s awesome. Can’t wait to test it.
English
1
0
0
210
Visual Ehrmanntraut
Visual Ehrmanntraut@HeWhomCodes·
@SecFatal Whoops, auto-correct. I mean Secure Enclave. And we emulated the Secure Storage Component inside it as well.
English
2
0
1
237
Visual Ehrmanntraut
Visual Ehrmanntraut@HeWhomCodes·
surprise! got iOS 18.5 booting up to SpringBoard in my Apple Silicon emulator, Inferno, no proprietary components. it's the first ever open source emulator to run iOS 18. however not very stable due to memory corruption, we are working to resolve it, then it will go public. will be a big win for the OSS and iOS security research community.
English
22
76
678
38K
FatalSec
FatalSec@SecFatal·
@_inside Are you planning to make it public?
English
0
0
2
728
Guilherme Rambo
Guilherme Rambo@_inside·
After improving my GPU driver patch, the iOS VM now has fully* working Metal rendering 🥹 * WebKit rendering is still broken, but it's the only broken thing I could find
English
14
24
361
22.8K
Guilherme Rambo
Guilherme Rambo@_inside·
Since a recent firmware included components for a virtual iPhone, I decided to see if I could boot one up. This is a virtualized iPhone 16 running iOS 26.2. Don't get too excited, as this required a lot of IPSW patches and SpringBoard crashes when I swipe up in the setup screen.
English
26
95
1.8K
184.4K
FatalSec retweetledi
REcon
REcon@reconmtl·
🚨 REcon 2026 is LIVE! 🚀 Call for papers and registration are now open! Join the world's top reverse engineers & exploit devs in Montreal: 🛠 Trainings: June 15-18 (19 hands-on classes – AI agents, kernel exploits, Rust/Go reversing, fault injection & more!) 📅 Conference: June 19-21 Tickets & early bird now open → recon.cx Shoutout to the legends teaching: @SinSinology @KyleMartin @MalachiJonesPhD @andreyknvl @mr_phrazer @yarden_shafir @DrCh40s @pulsoid + more elite instructors! See website for all trainers and session info. Limited spots – see you in MTL! #REcon2026 #ReverseEngineering
English
0
49
142
19.2K