iOS

iOS 13 certificate pinning bypass for Frida and Brida

• On 21 Aug, 2020
• By Federico Dotta

Hi! I just added to Brida a small Frida script to bypass SSL/TLS certificate pinning on iOS 13 devices. The script is a modification of the iOS 12 certificate pinning…

Brida 0.4 is out!

• On 14 Apr, 2020
• By Federico Dotta

After quite a lot of hours of work, Brida 0.4 is finally out! Brida 0.4 should have been presented at Hack In Paris 2020 but, due to the postponement of…

Brida – A step-by-step user guide

• On 24 Apr, 2018
• By Federico Dotta

  Hi! Today we will take a step-by-step tour on how to use Brida. We will see how to install and configure Brida and then how to use it during…

Advanced mobile penetration testing with Brida – Slides HackInBo 2017 WE

• On 26 Oct, 2017
• By Federico Dotta

Hi! Here you can download the slides of my talk presented at HackInBo 2017 Winter Edition named "Advanced mobile penetration testing with Brida". Federico Dotta - Advanced mobile penetration testing…

Tracing arbitrary Methods and Function calls on Android and iOS

• On 8 Sep, 2017
• By Marco Ivaldi (aka raptor)

I have published two new Frida instrumentation scripts to facilitate reverse engineering of mobile apps. They can be found on GitHub. Let's take raptor_frida_ios_trace.js for a ride against our favorite target…

Penetration testing on mobile applications – The hard way

• On 7 Oct, 2016
• By Federico Dotta

In this period, I spend a huge portion of my working time doing penetration test on mobile applications, mainly Android and iOS. I personally consider this kind of test much…