objection - runtime mobile exploration

In this post, I want to introduce you to a toolkit that I have been working on, called objection. The name being a play on the words “object” and “injection”. objection is a runtime exploration toolkit powered by Frida, aimed at mobile platforms. objection aims to allow you to perform various security related tasks on unencrypted iOS applications, at runtime, on non-jailbroken iOS devices as well as Android applications on Android devices. Features include inspecting the application specific keychain, as well as inspecting various artifacts left on disk during (or after) execution. ...

July 11, 2017 · 4 min · Leon Jacobs

flick II vuln vm with a mobile twist

tl;dr Flick II just got published on Vulnhub! You should try it =) introduction After about a year since Flick I, I have finally managed to get Flick II out to VulnHub. I learned a lot from Flick I and as a result applied it to Flick II. The making of Flick II was also a very different story. If I have to compare it to the first one (which took 3 nights to build start to finish), Flick II took waay longer....

August 21, 2015 · 2 min · Leon Jacobs

flick can you find the flag?

TL;DR I made a CTF! You should try it! Find it on Vulnhub foreword So, security CTF’s are fun. A lot of fun. And can be one heck of a time sink! Checking my laptops time and realizing its 3am on a week night is normal when I get pulled into one. The frustration, the trolls, the tremendous amounts of learning is all part of the experience of a successful CTF in my opinion. ...

August 7, 2014 · 2 min · Leon Jacobs