The aim of this talk is to build a bridge between the mundane methodologies and vulnerabilities that everyone can find (and that are now being defended against), and a new approach that finds additional bugs that require assembly knowledge to discover.
The talk looks at the fundamentals of reversing, a primer on iOS architecture, binary patching, reversing Mach-O binaries, and ends with some real-world examples involving bypassing jailbreak detection.
Pentesting iOS Apps - Runtime Analysis and Manipulation - Andreas Kurtz
Apple iOS Apps are primarily developed in Objective-C, an object-oriented extension and strict superset of the C programming language. Objective-C supports the concepts of reflection, also known as introspection. This describes the ability to examine and modify the structure and behavior (specifically the values, meta-data, properties and functions) of an object at runtime.
This talk discusses the background, techniques, problems and solutions to Objective-C runtime analysis and manipulation. It will be discussed how running applications can be extended with additional debugging and runtime tracing capabilities, and how this can be used to modify instance variables and to execute or replace arbitrary object methods of an App.
Moreover, a new framework to assist dynamic analysis and security assessments of iOS Apps will be introduced and demonstrated.
CanSecWest 2013 - iOS 6 Exploitation 280 Days Later - Stefan Esser
With the release of iOS6 Apple has cracked down on all published iOS exploitation information. It seems that nearly every trick and technique discussed in talks/papers or books of the last years has been taken care of by Apple in order to stop exploitation for jailbreaking or more malicious purposes.
This talk will tie in with the iOS6 Security talk by Azimuth Security that discussed various kernel hardenings performed by Apple, and discuss further security relevant changes in iOS 6.1 kernel affecting kernel exploitation and user space exploitation.
The Internet of Insecure Things: 10 Most Wanted List - Security Weekly
In this talk I will quickly bring you up to speed on the history of embedded device insecurity. Next, we will look at a real-world example or two of how devices are exploited (And attackers profited). Finally, you will learn what we can do to help fix these problems and push the industry for a much higher level of security for devices affecting our daily lives.
You may have heard about this threat, one that has plagued our lives and networks for well over a decade. A problem so ubiquitous, it can't be ignored. Yet, this threat has a history of hiding in plain sight. Users are, for the most part, unaware of the dangers. Security researchers and the media have attempted to highlight this problem for years, without making an impact on improving security. However, vendors and users are still very much at risk and the problem is still largely being ignored by the masses. The Internet of Things (IoT) aims to make our lives better, yet there is still no foundation for security controls on the devices that allow us to access the Internet, listen to music, watch television, control the temperature in our homes and more. The goal of this talk is to enable the audience to help raise awareness and influence the security of embedded systems in a positive way.
The ABCs of Source-Assisted Web Application Penetration Testing With OWASP ZA... - Denim Group
There are a number of reasons to use source code to assist in web application penetration testing such as making better use of penetration testers’ time, providing penetration testers with deeper insight into system behavior, and highlighting specific sections of code so development teams can remediate vulnerabilities faster. Examples of these are provided using the open source ThreadFix plugin for the OWASP ZAP proxy and dynamic application security testing tool. These show opportunities attendees have to enhance their own penetration tests given access to source code.
This presentation covers the “ABCs” of source code assisted web application penetration testing: covering issues of attack surface enumeration, backdoor identification, and configuration issue discovery. Having access to the source lets an attacker enumerate all of the URLs and parameters an application exposes – essentially its attack surface. Knowing these allows pen testers greater application coverage during testing. In addition, access to source code can help to identify potential backdoors that have been intentionally added to the system. Comparing the results of blind spidering to a full attack surface model can identify items of interest such as hidden admin consoles or secret backdoor parameters. Finally, the presentation examines how access to source code can help identify configuration settings that may have an adverse impact on the security of the deployed application.
Breaking Secure Mobile Applications - Hack In The Box 2014 KL - iphonepentest
Dominic Chell presents "Breaking Secure Mobile Applications" at Hack In The Box 2014.
This presentation details common vulnerabilities that can be found in supposedly secure applications, including BYOD and MDM apps. It also provides an overview of the binary protections that can be implemented to complicate these types of attacks.
SANS @Night Talk: SQL Injection Exploited - Micah Hoffman
This presentation was given at the SANS Rocky Mountain Conference in Denver, CO June 2014. The presentation had a rather large portion that was demo. That is not captured here. Sorry.
This was presented at the March 16th, 2016 WordPress Meetup in Hamilton and describes WordPress Security and best practices that should be taken to protect any WordPress website against hackers who target WordPress websites and impact your Google reputation and online presence.
20+ Ways to Bypass Your macOS Privacy Mechanisms - SecuRing
"TotallyNotAVirus.app" would like to access the camera and spy on you. To protect your privacy, Apple introduced Transparency, Consent, and Control (TCC) framework that restricts access to sensitive personal resources: documents, camera, microphone, emails, and more. Granting such access requires authorization, and the mechanism's main design concern was clear user consent.
In this talk, we will share multiple techniques that allowed us to bypass this prompt, and as a malicious application, get access to protected resources without any additional privileges or user's consent. Together, we submitted over 40 vulnerabilities just to Apple through the past year, which allowed us to bypass some parts or the entire TCC. We also found numerous vulnerabilities in third-party apps (including Firefox, Signal, and others), which allowed us to avoid the OS restrictions by leveraging the targeted apps' privileges.
In the first part of the talk, we will give you an overview of the TCC framework, its building blocks, and how it limits application access to private data. We will explore the various databases it uses and discuss the difference between user consent and user intent.
Next, we will go through various techniques and specific vulnerabilities that we used to bypass TCC. We will cover how we can use techniques like process injection, mounting, application behavior, or simple file searches to find vulnerabilities and gain access to the protected resources.
The audience will leave with a solid understanding of the macOS privacy restrictions framework (TCC) and its weaknesses. We believe there is a need to raise awareness on why OS protections are not 100% effective, and in the end, users have to be careful with installing software on their machines. Moreover - as we're going to publish several exploits - red teams will also benefit from the talk.
Some of the very things that make JavaScript awesome can also leave it exposed. Guy Podjarny and Danny Grander walk through some sample security flaws unique to Node’s async nature and surrounding ecosystem (or especially relevant to it)—e.g., memory leaks via the buffer object, ReDoS and other algorithmic DoS attacks (which impact Node due to its single-threaded nature), and timing attacks leveraging the EventLoop—and show how these could occur in your own code or in npm dependencies.
AppSec Tel Aviv - OWASP Top 10 For JavaScript Developers - Lewis Ardern
With the release of the OWASP TOP 10 2017 we saw new issues rise as contenders of most common issues in the web landscape. Much of the OWASP documentation displays issues, and remediation advice/code relating to Java, C++, and C#; however not much relating to JavaScript. JavaScript has drastically changed over the last few years with the release of Angular, React, and Vue, alongside the popular use of NodeJS and its libraries/frameworks. This talk will introduce you to the OWASP Top 10 explaining JavaScript client and server-side vulnerabilities.
The API Primer (OWASP AppSec Europe, May 2015) - Greg Patton
APIs are everywhere now. SOA, IoT, Mobile, and Thick clients all heavily rely on web services and APIs. This talk will present a primer on how to assess these services/interfaces for developers and testers alike. The introduction will include topics such as API identification, common implementations and frameworks. The bulk of the talk will focus on an assessment checklist that anyone can use to test these technologies for security flaws covering topics such as:
Authentication
Verbose-ness
Hidden Functions
Lack of Access Control
Transport Security
Tampering/Trust
Injection
OWASP Portland - OWASP Top 10 For JavaScript Developers - Lewis Ardern
With the release of the OWASP TOP 10 2017 we saw new issues rise as contenders of most common issues in the web landscape. Much of the OWASP documentation displays issues, and remediation advice/code relating to Java, C++, and C#; however not much relating to JavaScript. JavaScript has drastically changed over the last few years with the release of Angular, React, and Vue, alongside the popular use of NodeJS and its libraries/frameworks. This talk will introduce you to the OWASP Top 10 explaining JavaScript client and server-side vulnerabilities.
This slide deck covers the automated & manual static code discovery of Android applications using open-source tools, reverse engineering of APK files, and secure code review.
For a college class: Hacking Mobile Devices at CCSF
Based on "The Mobile Application Hacker's Handbook 1st Edition", by Dominic Chell
Instructor: Sam Bowne
More info: https://samsclass.info/128/128_S19.shtml
This slide briefs about various tools & techniques used to extract unprotected data from iOS apps. You can extract resource files, database files, get data in runtime using various methods. In my next slides I will brief about the ways to secure your iOS apps.
OSX/Pirrit: The blue balls of OS X adware - Amit Serper
Not a lot was said about adware, especially not about adware for Mac. Adware is usually dismissed for being too benign and not interesting. After all – it just displays ads. But what if you were hit with an aggressive variant with malware-like features that has root access to your machine and has the ability to do whatever its creators wanted it to do?
A Mac OS X port of the Pirrit adware includes properties like hidden users, traffic redirection, persistence, and weird DGA-looking domains, all showing that an aggressive malvertiser is now targeting Macs. In the case of OSX.Pirrit, it uses simple social engineering to escalate its privileges and eventually take total control of your Mac. And with control of your machine, Pirrit’s creators could have done pretty much anything, like stolen your company’s secret sauce or installed a keylogger to capture the log-in credentials for your bank account. The creators of Pirrit were trying very hard to avoid being detected by antiviruses, personal firewalls and even from some advanced users.
In this talk, we’ll review OSX/Pirrit, dissect its methods and show it could have carried out much more sinister activities besides bombarding a browser with ads.
Fernando Arnaboldi - Exposing Hidden Exploitable Behaviors Using Extended Dif... - Codemotion
I created the first differential fuzzing framework to detect dangerous and unusual behaviors in similar software implementations. To prove its effectivity, I found vulnerabilities in multiple implementations of programming language parsers: Java, JavaScript, Perl, PHP, Powershell, Python, and Ruby. This form of fuzzing can work as a practical form of testing to find exploitable vulnerabilities. More undisclosed vulnerabilities will be shown throughout this talk to exemplify how to find issues in general pieces of software. This talk will also include a new special release for Codemotion.
Hybrid mobile app development slide with Ionic Framework. This is a subset of slides presented during my Ionic Mobile Development course.
In addition to the items in this slide, the course will cover Ionic application Architecture, Important AngularJS principles for Ionic development, Native vs Hybrid and code signing to Google Play and AppStore.
It is a hands-on based approach training where 80% of the course (normally from 10 am to 5 pm) will be guided lab activity or mini project activity.
Laying the Foundation for Ionic Platform Insights on Spark - Ionic Security
The Ionic Analytics team shares insights about the system they built using Spark and Databricks to enable low cost, flexible reporting and lay a foundation for advanced analytics.
These slides were originally presented at the Databricks Data+ML Workshop entitled "Unify Data Pipelines with Machine Learning" on Tuesday September 11 2018 in Atlanta, GA.
Web-App Remote Code Execution Via Scripting Engines by Rahul Sasi at c0c0n - International Cyber Security and Policing Conference http://is-ra.org/c0c0n/speakers.html
Intro to Ionic for Building Hybrid Mobile Applications - Sasha dos Santos
Ionic is a free framework that allows users to easily build hybrid mobile applications for iOS and Android using Angular and Cordova. Ionic provides a command line interface, CSS classes, reusable components (directives) and various tools for testing and development. In this session, you'll get a birdseye view of what Ionic has to offer, as well as guidelines for building your first Ionic app, including the use of tools such as Yeoman, Bower and Grunt.
Monitoring Attack Surface to Secure DevOps Pipelines - Denim Group
A web application’s attack surface is the combination of URLs it will respond to as well as the inputs to those URLs that can change the behavior of the application. Understanding an application’s attack surface is critical to being able to provide sufficient security test coverage, and by watching an application’s attack surface change over time security and development teams can help target and optimize testing activities. This presentation looks at methods of calculating web application attack surface and tracking the evolution of attack surface over time. In addition, it looks at metrics and thresholds that can be used to craft policies for integrating different testing activities into Continuous Integration / Continuous Delivery (CI/CD) pipelines for teams integrating security into their DevOps practices.
This was a session Brian Verkley and I delivered in Las Vegas for EMC World 2016 called 12 Factor App FTW ! In this presentation we talked to each of the 12 factors and how it can relate to the operations side of the house.
Presentation to Xamarin User Group in San Francisco, 19-Sep-2013... all the latest in Xamarin technology including iOS, Android, Xamarin Studio, Portable Class Libraries, Async/Await and TestCloud.
Bridge gap: between the mundane methodologies and vulnerabilities and a new approach that finds additional bugs that require assembly knowledge to discover.
See also iExplorer
Exercise caution
May not be compatible with tweaks, and you may end up losing your jailbreak
Copy the binary you need
UDID from iTunes
Often stores application preferences in /Library/Preferences using the NSUserDefaults class
Application uses UIWebView to render content.
Application registers custom URL scheme
Application invoked when scheme is called
Recall the bug in Skype that allowed calls via protocol handler without the user's consent
Remote iOS Debugger plugin
Allows users to debug iOS target applications directly from IDA
debugserver is not configured on the device by default
Attach the device to Xcode to enable debugging
Thin the binary for your device
Slap on entitlements
See paper at end for details on configuration
All processes share the same copy of dyld_shared_cache
- It’s only loaded once
Kernel
- Allocate virtual memory
- Create main thread
- Code Signing
- Encryption
LC_SEGMENT
instructs the kernel how to set up the memory space of the newly run process.
“segments” are directly loaded from the Mach-O binary into memory.
Kernel loader bsd/kern/mach_loader.c
Memory regions with same r/w/x protection
__RESTRICT segment with __restrict section
__PAGEZERO
- On 32-bit systems it corresponds to a single page of memory (4KB)
- On 64-bit systems it covers the entire 32-bit address space, i.e. the first 4GB
- All access permissions revoked
LC_UNIXTHREAD/LC_MAIN defines entry point
LC_ENCRYPTION_INFO
LC_CODE_SIGNATURE
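The load commands noted above can be read straight out of the Mach-O header. The Python below is an added example, not code from the talk: it walks the load commands of a thin little-endian image (32-bit or 64-bit, a small generalization of the notes) and flags header-level anomalies. The names `parse_macho`, `review` and `build_sample` are hypothetical, and the sample header is constructed for illustration.

```python
import struct

# Constants from <mach-o/loader.h>
MH_MAGIC, MH_MAGIC_64 = 0xFEEDFACE, 0xFEEDFACF
LC_SEGMENT, LC_SEGMENT_64 = 0x1, 0x19
LC_UNIXTHREAD, LC_CODE_SIGNATURE = 0x5, 0x1D
LC_ENCRYPTION_INFO, LC_ENCRYPTION_INFO_64 = 0x21, 0x2C
LC_MAIN = 0x80000028
VM_PROT = (("r", 1), ("w", 2), ("x", 4))


def prot(bits):
    """Render VM_PROT_* bits as an 'rwx' string."""
    return "".join(ch if bits & bit else "-" for ch, bit in VM_PROT)


def _fields(data, off, cmdsize, fmt):
    """Unpack a command body, refusing to read past its own cmdsize."""
    if 8 + struct.calcsize(fmt) > cmdsize:
        raise ValueError("load command at 0x%x is truncated" % off)
    return struct.unpack_from(fmt, data, off + 8)


def parse_macho(data):
    """Walk the load commands of a thin, little-endian Mach-O image."""
    if len(data) < 28:
        raise ValueError("too short for a Mach-O header")
    magic, _cpu, _sub, _ftype, ncmds, sizeofcmds, _flags = \
        struct.unpack_from("<7I", data, 0)
    if magic not in (MH_MAGIC, MH_MAGIC_64):
        raise ValueError("not a thin little-endian Mach-O")
    is64 = magic == MH_MAGIC_64
    off = 32 if is64 else 28          # mach_header_64 has one extra field
    end = off + sizeofcmds
    if end > len(data):
        raise ValueError("sizeofcmds runs past end of file")
    info = {"is64": is64, "segments": [], "cryptid": None,
            "code_signature": None, "entry": None}
    for _ in range(ncmds):
        if off + 8 > end:
            raise ValueError("load command header past sizeofcmds")
        cmd, cmdsize = struct.unpack_from("<II", data, off)
        if cmdsize < 8 or off + cmdsize > end:
            raise ValueError("bad cmdsize 0x%x at 0x%x" % (cmdsize, off))
        if cmd in (LC_SEGMENT, LC_SEGMENT_64):
            fmt = "<16s4Q2i2I" if cmd == LC_SEGMENT_64 else "<16s4I2i2I"
            (name, vmaddr, vmsize, _foff, _fsize,
             maxp, initp, nsects, _fl) = _fields(data, off, cmdsize, fmt)
            info["segments"].append({
                "name": name.split(b"\0", 1)[0].decode("ascii", "replace"),
                "vmaddr": vmaddr, "vmsize": vmsize, "nsects": nsects,
                "maxprot": prot(maxp), "initprot": prot(initp)})
        elif cmd in (LC_ENCRYPTION_INFO, LC_ENCRYPTION_INFO_64):
            _coff, _csize, info["cryptid"] = _fields(data, off, cmdsize, "<3I")
        elif cmd == LC_CODE_SIGNATURE:     # (dataoff, datasize)
            info["code_signature"] = _fields(data, off, cmdsize, "<2I")
        elif cmd == LC_MAIN:               # entryoff is relative to __TEXT
            info["entry"] = ("LC_MAIN", _fields(data, off, cmdsize, "<2Q")[0])
        elif cmd == LC_UNIXTHREAD:         # entry lives in the thread state
            info["entry"] = ("LC_UNIXTHREAD", None)
        off += cmdsize
    return info


def review(info):
    """Header-level findings for an executable image."""
    findings = []
    pz = next((s for s in info["segments"] if s["name"] == "__PAGEZERO"), None)
    if pz is None or pz["vmaddr"] != 0 or pz["initprot"] != "---":
        findings.append("__PAGEZERO missing or accessible")
    for s in info["segments"]:
        if "w" in s["initprot"] and "x" in s["initprot"]:
            findings.append("%s is writable and executable" % s["name"])
    if info["code_signature"] is None:
        findings.append("no LC_CODE_SIGNATURE")
    if info["entry"] is None:
        findings.append("no LC_MAIN/LC_UNIXTHREAD entry point")
    return findings


def build_sample(data_prot=3):
    """Constructed arm64 header: three segments plus crypt/main/signature."""
    def seg(name, vmaddr, vmsize, foff, fsize, p):
        return struct.pack("<II16s4Q2i2I", LC_SEGMENT_64, 72, name,
                           vmaddr, vmsize, foff, fsize, p, p, 0, 0)
    cmds = [
        seg(b"__PAGEZERO", 0, 0x100000000, 0, 0, 0),
        seg(b"__TEXT", 0x100000000, 0x4000, 0, 0x4000, 5),
        seg(b"__DATA", 0x100004000, 0x4000, 0x4000, 0x4000, data_prot),
        struct.pack("<6I", LC_ENCRYPTION_INFO_64, 24, 0x1000, 0x3000, 1, 0),
        struct.pack("<IIQQ", LC_MAIN, 24, 0x1F00, 0),
        struct.pack("<4I", LC_CODE_SIGNATURE, 16, 0x8000, 0x200),
    ]
    blob = b"".join(cmds)
    hdr = struct.pack("<8I", MH_MAGIC_64, 0x0100000C, 0, 2,
                      len(cmds), len(blob), 0x200000, 0)
    return hdr + blob


if __name__ == "__main__":
    parsed = parse_macho(build_sample())
    for s in parsed["segments"]:
        print("%-12s %s vmaddr=0x%x" % (s["name"], s["initprot"], s["vmaddr"]))
    print("cryptid:", parsed["cryptid"], "findings:", review(parsed))
```

Fat (universal) binaries are not handled; the slice has to be extracted first, which is the "thin binary" step in the notes.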
Interposing inject/replace functions
See DYLD_INSERT_LIBRARIES used by dumpdecrypted
XNU Kernel is at heart of OSX/iOS
Heart of XNU is MACH microkernel
processor_set_tasks – Controls processor group (usually cores on single CPU)
XNU abstraction to scale to multiprocessors/multicores architectures.
A trap is an exception raised by executing a special instruction
CPSR – Current Program Status Register
ARM – instructions are 32 bits wide
THUMB – 16/32 bits wide
PC – Like EIP/RIP
Stack Pointer - ESP
Load store architecture
Plugin for Hopper that automates this
https://github.com/keith/hopper-swift-demangle
TBNZ test the bit to determine if i
A process ID value of 1 indicates that there is no parent process associated with the calling process.
sysctl - Get or set kernel state
CTL_KERN - top-level name for kernel-specific information
KERN_PROC - Indicates that sysctl will return a struct with process entries.
KERN_PROC_PID - specifies that the target process will be selected based on a process ID (PID).
- Finally, the last item is the PID of that process.