Android reverse-engineering slides

The slides from the Android reverse-engineering last night are now available for download. I hope you got some ideas on how we should be able to automate parts of what we did yesterday to create the automated privacy score service on the Hackathon next week (May 16th).

Where to start?

Someone asked me if I could recommend apps to start playing with. I bet you have at least one app on your phone already that you like but that has one or two kinks that really annoys you - try to fix/tweak that annoying thing.

Start simple - is there a slider that only goes up to 10 but you would like to go to 50? An annoying sound clip that you want to remove/replace? Too many ads?

For exploitation you can check out OWASPs “GoatDroid” and Drozers “Sieve” app which deliberately contains security holes that can be exploited.

Video

We tried out a new camera for the recording yesterday and ran into some issues. We’ll see what we can do to recover the video and hopefully we can have something up in the beginning of next week.

 

If you like what we’re doing, help grow the community by spreading the word!

Join our Meetup group

Follow us on Twitter

Subscribe on YouTube

 

/Magnus 0xFF

Read More

May events are finally up

The new theme for May is mobile app reverse-engineering and we will start off with an Android reverse-engineering & hacking talk Thursday 9th followed by a Hackathon on automated reverse-engineering and auditing on the 16th.

 

Unfortunately we could not get the right speakers for the Web Security theme talk and workshop and have decided to postpone this theme to later this year. Sorry about that.

 

If you like what we’re doing, help grow the community by spreading the word!

Join our Meetup group

Follow us on Twitter

Subscribe on YouTube

 

/Magnus 0xFF

Read More

CTF Intro presentation video

Great to see so many of you at the CTF Intro presentation. For you who missed the presentation or need a recap the video is now available.

There was a typo in the email about the CTF workshop being this week. The workshop is on the 24th of April and nothing else. Be sure to sign up since the number of seats will be very limited.

If you like what we’re doing, help grow the community by spreading the word!

Join our Meetup group

Follow us on Twitter

Subscribe on YouTube

/Magnus 0xFF

Read More

Hackathon #1 - SMS-burner

Great work everyone! With some final touches from me and Miikka the SMS-burner is now up and running at https://sms.0xff.se/ Feel free to use it if you ever need to verify “your” phone number with a text message on a privacy intrusive service.

The full source code is published on GitHub. Please contribute!

Audience

Next week we have Carl “Zeta-Two” Svensson over to give an introduction to Capture the flag hacking competitions. Last week his team HackingForSoju placed third at Codegate 2019 in Korea. More info and registration for our CTF-event.

If you like what we’re doing, help grow the community by spreading the word!

Join our Meetup group

Follow us on Twitter

/Magnus 0xFF

Read More