This document provides an introduction to runtime hacking on iOS. It discusses setting up the environment, mapping out an application by decrypting and dumping binaries to obtain class information. It then covers techniques for dumping and modifying variables at runtime like retrieving sensitive user data. Methods for manipulating functions are also presented, such as bypassing authentication or jailbreak detection. Persistence techniques like injecting libraries are explained. Finally, it addresses considerations for hacking Swift applications. The overall goal is to quickly get people up to speed on runtime analysis and manipulation of third-party iOS apps.
This talk presents apkfile, a library for extracting machine learning features from Android apps as well as describing several interesting, high-value features for malware detection such as compiler fingerprinting, anti-vm detection, and Markov models for detecting unusual strings. Additionally, it provides tips for improving model performance with data preparation, feature selection, model tuning, and model blending.
iPhone, the next generation mobile platform has revolutionized the way one uses phones as it's a combination of a phone, an iPod and an internet device. The iPhone is a richer platform for application delivery due to an exponential growth and wide spread usage.
The critical factor, for a successful mobile application is the end user experience: application usability, reliability, and performance which the iPhone delivers in style. There are thousands of applications created by hundreds of developers for the iPhone. This kind of innovation helps you start developing the next generation of innovative mobile applications now.
Topics Covered
* Current State of iPhone Development
* Fast Track to Objective C
* Fast Track to XCode and Interface Builder
* Getting Productive using OR-Framework, Testing, Serialization
Munjal Budhabhatti is a senior solution developer at ThoughtWorks. He possesses over 10 years of experience in designing large-scale enterprise applications and has implemented innovative solutions for some of the largest microfinance, insurance and financial organizations. He loves writing well-designed enterprise applications using Agile processes. His article on "Test-Driven Development and Continuous Integration for Mobile Applications" was recently published in the Microsoft Architecture Journal.
Build software like a bag of marbles, not a castle of LEGO®Hannes Lowette
If you have ever played with LEGO®, you will know that adding, removing or changing features of a completed castle isn’t as easy as it seems. You will have to deconstruct large parts to get to where you want to be, to build it all up again afterwards. Unfortunately, our software is often built the same way. Wouldn’t it be better if our software behaved like a bag of marbles? So you can just add, remove or replace them at will?
Most of us have taken different approaches to building software: a big monolith, a collection of services, a bus architecture, etc. But whatever your large scale architecture is, at the granular level (a single service or host), you will probably still end up with tightly couple code. Adding functionality means making changes to every layer, service or component involved. It gets even harder if you want to enable or disable features for certain deployments: you’ll need to wrap code in feature flags, write custom DB migration scripts, etc. There has to be a better way!
So what if you think of functionality as loose feature assemblies? We can construct our code in such a way that adding a feature is as simple as adding the assembly to your deployment, and removing it is done by just deleting the file. We would open the door for so many scenarios!
In this talk, I will explain how to tackle the following parts of your application to achieve this goal: WebAPI, Entity Framework, Onion Architecture, IoC and database migrations. And most of all, when you would want to do this. Because… ‘it depends’.
This talk presents apkfile, a library for extracting machine learning features from Android apps as well as describing several interesting, high-value features for malware detection such as compiler fingerprinting, anti-vm detection, and Markov models for detecting unusual strings. Additionally, it provides tips for improving model performance with data preparation, feature selection, model tuning, and model blending.
iPhone, the next generation mobile platform has revolutionized the way one uses phones as it's a combination of a phone, an iPod and an internet device. The iPhone is a richer platform for application delivery due to an exponential growth and wide spread usage.
The critical factor, for a successful mobile application is the end user experience: application usability, reliability, and performance which the iPhone delivers in style. There are thousands of applications created by hundreds of developers for the iPhone. This kind of innovation helps you start developing the next generation of innovative mobile applications now.
Topics Covered
* Current State of iPhone Development
* Fast Track to Objective C
* Fast Track to XCode and Interface Builder
* Getting Productive using OR-Framework, Testing, Serialization
Munjal Budhabhatti is a senior solution developer at ThoughtWorks. He possesses over 10 years of experience in designing large-scale enterprise applications and has implemented innovative solutions for some of the largest microfinance, insurance and financial organizations. He loves writing well-designed enterprise applications using Agile processes. His article on "Test-Driven Development and Continuous Integration for Mobile Applications" was recently published in the Microsoft Architecture Journal.
Build software like a bag of marbles, not a castle of LEGO®Hannes Lowette
If you have ever played with LEGO®, you will know that adding, removing or changing features of a completed castle isn’t as easy as it seems. You will have to deconstruct large parts to get to where you want to be, to build it all up again afterwards. Unfortunately, our software is often built the same way. Wouldn’t it be better if our software behaved like a bag of marbles? So you can just add, remove or replace them at will?
Most of us have taken different approaches to building software: a big monolith, a collection of services, a bus architecture, etc. But whatever your large scale architecture is, at the granular level (a single service or host), you will probably still end up with tightly couple code. Adding functionality means making changes to every layer, service or component involved. It gets even harder if you want to enable or disable features for certain deployments: you’ll need to wrap code in feature flags, write custom DB migration scripts, etc. There has to be a better way!
So what if you think of functionality as loose feature assemblies? We can construct our code in such a way that adding a feature is as simple as adding the assembly to your deployment, and removing it is done by just deleting the file. We would open the door for so many scenarios!
In this talk, I will explain how to tackle the following parts of your application to achieve this goal: WebAPI, Entity Framework, Onion Architecture, IoC and database migrations. And most of all, when you would want to do this. Because… ‘it depends’.
This is a low-level, and philosophical discussion on the act of compiling data out of your PHP applications using Zend\Code: Scanning, Generating, Annotating code in PHP.
Learn the best QA / Testing Tools, Automation Testing tools and techniques Online & Classroom Training from the industry experts at Magnitia IT.
https://www.magnitia.com/testing-courses.html
Facilitating Idiomatic Swift with Objective-CAaron Taylor
Blog Post: https://www.meta.sc/tech/swiftobjc
If you are hitting roadblocks in trying to communicate with Core Foundation and C APIs directly from Swift, just wrap them in a friendly Objective-C class that provides an simple API for the rest of your application to use.
Java Class Loader
http://bd.linkedin.com/in/imranhasanhira
https://www.linkedin.com/company/kona-software-lab-ltd-
Regular java programs doesn't need to mess with class loader. But if someone want to make a framework then it may be helpful to get these classloader things clear in mind.
Most java frameworks use their custom classloader to make coding more dynamic. So understanding the the concepts clearly will definitely boost up the confidence, as well as knowledge about Class Loader.
The Basic Over of Swift as a new programming language.
This presentation is general look at Swift, please disregard the fact and references to the Swift scripting language which at the time thought to similar or same.
The 3h workshop version of the 3d Advanced Architectures training (http://canonicalexamples.com/courses_ios/#iOSArch). I have delivered this one or the Android counterpart in more than 20 cities in Europe and America. This is version that I shared in Cluj Napoca.
Robot Framework - Lord of the Rings
Introduction to the Robot Framework for Acceptance Test automation, and hands on examples, highlighting the key features. To catch the demo's, drop me a note at my email id.
InvokeDynamic for Mere Mortals [JavaOne 2015 CON7682]David Buck
presentation video: https://www.youtube.com/watch?v=gIffIZnmYBM
The invokedynamic instruction (part of JSR-292) has been around since JDK 7. Since it's introduction 4 years ago, we have seen it's adoption by many of the JVM's most popular languages, including Java itself! Despite its importance to most languages that run on the JVM, many developers still do not understand how it is used or implemented. Most resources available about JSR-292 are aimed at language implementers who are experts in compiler theory and language design. This session will be different, and will offer an overview of JSR-292 for people who are curious about how things work, but do not necessarily spend all day working on java bytecode.
Does The Delphi IDE Narrow You? Extend It! - ITDevConX European Delphi Confer...Marco Breveglieri
Delphi's integrated development environment (IDE) offers a very wide range of tools, commands and options ready to use. However, one day you may find that, of all these features, it happens to be the most dear to you that is missing; alternatively, you could start thinking of an 'automation' and think that if Delphi were able to do it, that would certainly save you a lot of time in your work, avoiding doing everything again and again many times, with the risk of making mistakes. If this range of situations seems very familiar to you but you don't know where to start, this talk is just for you! Thanks to the Open Tools API (OTA), Delphi allows us to interact with the IDE to add new commands, new tool windows, new wizards and project templates. Thanks to an in-depth explanation and several specially designed code examples, we will see together what it takes to extend the functionality of the IDE, to automate it and thus bring it closer to our own way of working.
Introduction to TypeScript, demo ( http://goo.gl/VtE4Vm ), Comparison with couple of popular alternatives. (Sadly layout of the slides are a bit ruined by conversion to SlideShare format - original file: http://goo.gl/eeJgbR )
TypeScript is an amazing substitute for JavaScript that solves a bunch of significant problems that are surprisingly common in large JavaScript code bases. But, by solving those problems, it also creates a new one: it's now easier than ever to create larger and more complex code bases. It turns out that accommodating that complexity while supporting all the different JavaScript environments is quite a challenge.
Which is why TypeScript has multiple module systems, unfortunately with confusing names and poor guidance. In this session, we sort out the mess and talk about the differences between internal and external modules, writing client and server code, how the TypeScript modules map to JavaScript modules in different versions of JavaScript, and about integration with build tools like Gulp.
These are the slides for the talk I gave at the JavaScript Israel Meetup: http://www.meetup.com/JavaScript-Israel/events/228923402/
Just a simple intro to typescript.
Most of the contents are of any OO language, hence slide contents are minimal. If anyone need any further help, reach me out - akhil2369492@gmail.com
-Akhil
Java is a programming language designed for use in the distributed environment of the Internet.
Programming language developed for the Web.
Programming language Developed by James Gosling.
Sun Microsystems released java in 1995 as a core component of Sun Java technology.
Java is very versatile, efficient, platform independent and secure.
Java is write once and run anywhere.
The Need for a More Effective Penetration Test” Generally, reviewing a mobile application for security vulnerabilities include areas such as local storage, cryptographic usage, mobile traffic analysis, black box static analysis, etc. The methods and tools which are typically used to conduct these reviews are outdated, difficult to properly configure and/or use, and in many instances provide an incomplete picture. The easiest way sometimes would be to review the application while it is running, as it would provide a better understanding of the application’s behavior. However, debugging tools such as “gdb”, “jdb/jdwp”, and “adb” require significant manual time to analyze the application. And if we have to change the application’s normal behavior for bypassing any security controls, we have to decompile the application, edit the code, and rebuild the application. In this presentation, we will understand more effective methods of conducting runtime analysis on both iOS and Android applications, utilizing tools which monitor runtime behavior. We will also cover how hooking/runtime tools like “cycript” and “MobileSubstrate” work, and briefly discuss how these can be used to bypass controls such as built-in application safeguards, jailbreak detection, and certificate pinning. In addition, we will also discuss venues of attack vectors which may open up while testing the application at runtime. We will aim to deduce that, by including runtime analysis as part of our penetration testing methodology, we will save time while performing it more effectively.
Breaking Secure Mobile Applications - Hack In The Box 2014 KLiphonepentest
Dominic Chell presents "Breaking Secure Mobile Applications" at Hack In The Box 2014.
This presentation details common vulnerabilities that can be found in supposedly secure applications, including BYOD and MDM apps. It also provides an overview of the binary protections that can be implemented to complicate these types of attacks.
This is a low-level, and philosophical discussion on the act of compiling data out of your PHP applications using Zend\Code: Scanning, Generating, Annotating code in PHP.
Learn the best QA / Testing Tools, Automation Testing tools and techniques Online & Classroom Training from the industry experts at Magnitia IT.
https://www.magnitia.com/testing-courses.html
Facilitating Idiomatic Swift with Objective-CAaron Taylor
Blog Post: https://www.meta.sc/tech/swiftobjc
If you are hitting roadblocks in trying to communicate with Core Foundation and C APIs directly from Swift, just wrap them in a friendly Objective-C class that provides an simple API for the rest of your application to use.
Java Class Loader
http://bd.linkedin.com/in/imranhasanhira
https://www.linkedin.com/company/kona-software-lab-ltd-
Regular java programs doesn't need to mess with class loader. But if someone want to make a framework then it may be helpful to get these classloader things clear in mind.
Most java frameworks use their custom classloader to make coding more dynamic. So understanding the the concepts clearly will definitely boost up the confidence, as well as knowledge about Class Loader.
The Basic Over of Swift as a new programming language.
This presentation is general look at Swift, please disregard the fact and references to the Swift scripting language which at the time thought to similar or same.
The 3h workshop version of the 3d Advanced Architectures training (http://canonicalexamples.com/courses_ios/#iOSArch). I have delivered this one or the Android counterpart in more than 20 cities in Europe and America. This is version that I shared in Cluj Napoca.
Robot Framework - Lord of the Rings
Introduction to the Robot Framework for Acceptance Test automation, and hands on examples, highlighting the key features. To catch the demo's, drop me a note at my email id.
InvokeDynamic for Mere Mortals [JavaOne 2015 CON7682]David Buck
presentation video: https://www.youtube.com/watch?v=gIffIZnmYBM
The invokedynamic instruction (part of JSR-292) has been around since JDK 7. Since it's introduction 4 years ago, we have seen it's adoption by many of the JVM's most popular languages, including Java itself! Despite its importance to most languages that run on the JVM, many developers still do not understand how it is used or implemented. Most resources available about JSR-292 are aimed at language implementers who are experts in compiler theory and language design. This session will be different, and will offer an overview of JSR-292 for people who are curious about how things work, but do not necessarily spend all day working on java bytecode.
Does The Delphi IDE Narrow You? Extend It! - ITDevConX European Delphi Confer...Marco Breveglieri
Delphi's integrated development environment (IDE) offers a very wide range of tools, commands and options ready to use. However, one day you may find that, of all these features, it happens to be the most dear to you that is missing; alternatively, you could start thinking of an 'automation' and think that if Delphi were able to do it, that would certainly save you a lot of time in your work, avoiding doing everything again and again many times, with the risk of making mistakes. If this range of situations seems very familiar to you but you don't know where to start, this talk is just for you! Thanks to the Open Tools API (OTA), Delphi allows us to interact with the IDE to add new commands, new tool windows, new wizards and project templates. Thanks to an in-depth explanation and several specially designed code examples, we will see together what it takes to extend the functionality of the IDE, to automate it and thus bring it closer to our own way of working.
Introduction to TypeScript, demo ( http://goo.gl/VtE4Vm ), Comparison with couple of popular alternatives. (Sadly layout of the slides are a bit ruined by conversion to SlideShare format - original file: http://goo.gl/eeJgbR )
TypeScript is an amazing substitute for JavaScript that solves a bunch of significant problems that are surprisingly common in large JavaScript code bases. But, by solving those problems, it also creates a new one: it's now easier than ever to create larger and more complex code bases. It turns out that accommodating that complexity while supporting all the different JavaScript environments is quite a challenge.
Which is why TypeScript has multiple module systems, unfortunately with confusing names and poor guidance. In this session, we sort out the mess and talk about the differences between internal and external modules, writing client and server code, how the TypeScript modules map to JavaScript modules in different versions of JavaScript, and about integration with build tools like Gulp.
These are the slides for the talk I gave at the JavaScript Israel Meetup: http://www.meetup.com/JavaScript-Israel/events/228923402/
Just a simple intro to typescript.
Most of the contents are of any OO language, hence slide contents are minimal. If anyone need any further help, reach me out - akhil2369492@gmail.com
-Akhil
Java is a programming language designed for use in the distributed environment of the Internet.
Programming language developed for the Web.
Programming language Developed by James Gosling.
Sun Microsystems released java in 1995 as a core component of Sun Java technology.
Java is very versatile, efficient, platform independent and secure.
Java is write once and run anywhere.
The Need for a More Effective Penetration Test” Generally, reviewing a mobile application for security vulnerabilities include areas such as local storage, cryptographic usage, mobile traffic analysis, black box static analysis, etc. The methods and tools which are typically used to conduct these reviews are outdated, difficult to properly configure and/or use, and in many instances provide an incomplete picture. The easiest way sometimes would be to review the application while it is running, as it would provide a better understanding of the application’s behavior. However, debugging tools such as “gdb”, “jdb/jdwp”, and “adb” require significant manual time to analyze the application. And if we have to change the application’s normal behavior for bypassing any security controls, we have to decompile the application, edit the code, and rebuild the application. In this presentation, we will understand more effective methods of conducting runtime analysis on both iOS and Android applications, utilizing tools which monitor runtime behavior. We will also cover how hooking/runtime tools like “cycript” and “MobileSubstrate” work, and briefly discuss how these can be used to bypass controls such as built-in application safeguards, jailbreak detection, and certificate pinning. In addition, we will also discuss venues of attack vectors which may open up while testing the application at runtime. We will aim to deduce that, by including runtime analysis as part of our penetration testing methodology, we will save time while performing it more effectively.
Breaking Secure Mobile Applications - Hack In The Box 2014 KLiphonepentest
Dominic Chell presents "Breaking Secure Mobile Applications" at Hack In The Box 2014.
This presentation details common vulnerabilities that can be found in supposedly secure applications, including BYOD and MDM apps. It also provides an overview of the binary protections that can be implemented to complicate these types of attacks.
Everyone heard about Kubernetes. Everyone wants to use this tool. However, sometimes we forget about security, which is essential throughout the container lifecycle.
Therefore, our journey with Kubernetes security should begin in the build stage when writing the code becomes the container image.
Kubernetes provides innate security advantages, and together with solid container protection, it will be invincible.
During the sessions, we will review all those features and highlight which are mandatory to use. We will discuss the main vulnerabilities which may cause compromising your system.
Contacts:
LinkedIn - https://www.linkedin.com/in/vshynkar/
GitHub - https://github.com/sqerison
-------------------------------------------------------------------------------------
Materials from the video:
The policies and docker files examples:
https://gist.github.com/sqerison/43365e30ee62298d9757deeab7643a90
The repo with the helm chart used in a demo:
https://github.com/sqerison/argo-rollouts-demo
Tools that showed in the last section:
https://github.com/armosec/kubescape
https://github.com/aquasecurity/kube-bench
https://github.com/controlplaneio/kubectl-kubesec
https://github.com/Shopify/kubeaudit#installation
https://github.com/eldadru/ksniff
Further learning.
A book released by CISA (Cybersecurity and Infrastructure Security Agency):
https://media.defense.gov/2021/Aug/03/2002820425/-1/-1/1/CTR_KUBERNETES%20HARDENING%20GUIDANCE.PDF
O`REILLY Kubernetes Security:
https://kubernetes-security.info/
O`REILLY Container Security:
https://info.aquasec.com/container-security-book
Thanks for watching!
Aleksei Dremin - Application Security Pipeline - phdays9Alexey Dremin
Presented at Phdays 9 2019 Moskow.The real model of an Application Security Pipeline based on Jenkins. The talk covers the key principles how to build and scale up the AppSec program using automation, orchestration. Giving samples of useful tools for security scans such as Snyk, DefectDojo, Retire.js, Node audit, Owasp Dependency check, Safety.
My 6th. revision of my Stackato presentation given at the German Perl Workshop 2013 in Berlin, Germany,
More information available at: https://logiclab.jira.com/wiki/display/OPEN/Stackato
Security research over Windows #defcon chinaPeter Hlavaty
Past several years Microsoft Windows undergo lot of fundamental security changes. Where one can argue still imperfect and bound to tons of legacy issues, on the other hand those changes made important shifts in attacker perspective. From tightened sandboxing, restricting attack surface, introducing mitigations, applying virtualization up to stronger focus even on win32k. In our talk we will go trough those changes, how it affects us and how we tackle them from choosing targets, finding bugs up to exploitation primitives we are using. While also empathize that windows research is not only about sandbox, and there are many more interesting target to look for.
Threat Modeling the CI/CD Pipeline to Improve Software Supply Chain Security ...Denim Group
The SolarWinds attack brought additional scrutiny software supply chain security, but concerns about organizations’ software supply chains have been discussed for a number of years. Development organizations’ shift to DevOps or DevSecOps has pushed teams to adopt new technologies in the build pipeline – often hosted by 3rd parties. This has resulted in build pipelines that expose a complicated and often uncharted attack surface. In addition, modern products also incorporate code from a variety of contributors – ranging from in-house developers, 3rd party development contractors, as well as an array open source contributors.
This talk looks at the challenge of developing secure build pipelines. This is done via the construction of a threat model for an example software build pipeline that walks through how the various systems and communications along the way can potentially be misused by malicious actors. Coverage of the major components of a build pipeline – source control, open source component management, software builds, automated testing, and packaging for distribution – is used to enumerate likely attack surface exposed via the build process and to highlight potential controls that can be put in place to harden the pipeline against attacks. The presentation is intended to be useful both for evaluating internal build processes as well as to support the evaluation of critical external vendors’ processes.
During this talk, we looked at some of the typical controls that Android/iOS applications exhibit, how they work, how to spot them, and how to sidestep them. We’ll demonstrate analysis and techniques using free open source tooling such as Radare and Frida, and for some parts, we’ll use IDA Pro. And since “automation” is the buzzword of the year, we’ll discuss how to automate some of these activities, which typically take up most of the assessment window.
For more information, please visit our website at www.synopsys.com/software
XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...The Linux Foundation
High level toolstacks for server and cloud virtualization are very mature with large communities using and supporting them. Client virtualization is a much more niche community with unique requirements when compared to those found in the server space. In this talk, we’ll introduce a client virtualization toolstack for Xen (redctl) that we are using in Redfield, a new open-source client virtualization distribution that builds upon the work done by the greater virtualization and Linux communities. We will present a case for maturing libxl’s Go bindings and discuss what advantages Go has to offer for high level toolstacks, including in the server space.
There are many resources out there that walk you through the process of setting up distributed systems, queuing and asynchronous processes — with and without NServiceBus.
Despite all the online education, teams continue to make the same common mistakes when designing and implementing microservices architecture. While the mistakes can have devastating consequences, they are easy to avoid when approached intentionally.
Jeffrey Palermo and Justin Self share their experiences in overcoming common microservices pitfalls and show how NServiceBus naturally encourages better architecture, such as easy adherence to SOLID principles.
Learn:
* What a microservice really is (and is not)
* What mistakes teams commonly make
* How to avoid the pitfalls and design more robust and scalable architecture
* How to equip your team for a microservices architecture
DevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer ToolsAmazon Web Services
Today’s cutting-edge companies have software release cycles measured in days instead of months. This agility is enabled by the DevOps practice of continuous delivery, which automates building, testing, and deploying all code changes. This automation helps you catch bugs sooner and accelerates developer productivity. In this session, we’ll share the processes that Amazon’s engineers use to practice DevOps and discuss how you can bring these processes to your company by using a new set of AWS tools (AWS CodePipeline and AWS CodeDeploy). These services were inspired by Amazon's own internal developer tools and DevOps culture.
Similar to Wahckon[2] - iOS Runtime Hacking Crash Course (20)
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
3. What Is This Presentation
About?
• Quick and dirty intro to runtime hacking on iOS
• Help people get up to speed quickly
• Hopefully practical
• Focussed on third-party apps
4. What It’s Not
• No data security
• No transport security
• Not touching on remediation/protection
• For more comprehensive presentations on iOS
pen testing or how to secure apps go to
eightbit.io/presentations
5. Outline
• Objective-C Basics
• Setting Up The Environment
• Mapping Out the Application
• Dumping and Modifying Variables
• Manipulating Functions at Runtime
• Swift Considerations
7. Objective-C
• Native iOS applications are written in Objective-C
• Objective-C is a superset of C
• Objective-C is basically C with Smalltalk-style
messaging and object syntax
10. Syntax
// Sending the message “method” to the object pointed to by the pointer obj
[obj method: argument1: argument2];
11. Important Takeaways
• Understand basic OO principles
• Rudimentary understanding of MVC
• Basic Objective-C
• How to call methods (embrace the square
bracket!)
• How to read and write variables
15. Mapping Out The Application
• The most important part
• Objective-C apps store a bunch of useful runtime
information in the executable
• This information provides great insight into how an
application functions (and thus is useful for finding
bugs)
16. Decrypting Binaries
• Apps downloaded from the App Store are
protected with Apple’s FairPlay DRM
• Certain portions of the binary are encrypted
• Need to decrypt these portions before we can
analyse the binary
17. Decrypting Binaries
• Can do it manually by extracting the encrypted
portion after the loader decrypts it and then patch
the decrypted portion it into the binary
• Plenty of tools to automate this for you
• dumpdecrypted
• Clutch and Rasticrac
18. Decrypting Binaries
• Not going to demonstrate this as there are plenty
of guides on the web and it’s not very interesting
• NOTE: Piracy is not cool
19. Obtaining a Class Dump
• Using the excellent class-dump-z tool you can
extract all of the runtime information stored in the
binary in a what is essentially the equivalent of an
Objective-C header file
• class-dump-z -aAkRzb [BINARY]
21. Other Options
• Disassemblers such as IDA or Hopper
• Great for lower level insight
• Swift binaries
• otool
• weak_class_dump.cy (https://github.com/limneos/
weak_classdump)
23. Retrieving Sensitive
Information
• Very easy to retrieve sensitive information at
runtime including:
• Credentials
• Encryption keys
• PII
• Sensitive business data
24. Quick and Dirty Approach
• Review the class dump (grep ftw)
• pin, password, passcode, pinlock, key, aes,
account, credentials, creditCard, username,
address, phone, session, token
• Hook into the running application with Cycript and
retrieve the information
25. Cycript
• Ridiculous name (pronounced script)
• Even more ridiculous premise
• “programming language designed to blend
the barrier between Objective-C and
JavaScript”
• Really great tool for interrogating and
manipulating the runtime of an app
29. Manipulating the Runtime
• Objective-C can observe and modify it’s own
behaviour at runtime
• Can call methods directly, modify functions and
even create your own classes and methods
• This has obvious security implications
30. What can you do?
• Break security checks
• Jailbreak checks
• Debug prevention
• Certificate validation
• Bypass authentication
• Subvert business logic
• Get the highest possible score in Flappy Bird
31. Quick and Dirty Approach
• Review the class dump
• Look for sensitive functions
• Identify simple logic
• Hook into the running application with Cycript and
call or modify the functions
35. Persistence
• Using Cycript to modify the behaviour at runtime
obviously will not persist when the application is
terminated
• For a POC on say a pen-test or a bug report it’s
usually not a problem
• However there may be instances where you want
the modification to be persistent
36. Why persistence?
• Security checks hindering testing
• Jailbreak prevention
• Anti-debug protection
• Transport security controls (e.g. cert pinning)
• Development of tools
• For a jailbreak or actual malware
37. How?
• Inject a library into every new process via the
DYLD_INSERT_LIBRARIES environment variable
#chmod +r hook.dylib
#launchctl setenv DYLD_INSERT_LIBRARIES /var/
root/ hook.dylib
38. CydiaSubstrate + Theos
• CydiaSubstrate simplifies hooking with a global injected dylib
• Can just install from Cydia
• Theos is a port of the build tools to other platforms
• So you don’t have to be an Apple fanboy to build hooks
• Focus on the logic of the hook
• Also available on iOS
• http://iphonedevwiki.net/index.php/Theos/Setup
43. Issues with Swift Apps
• Runtime manipulation limited for pure Swift apps
(i.e. a Swift-only runtime)
• Harder to analyse
• No class dump
• Name mangling
44. Assessing Swift Apps
• Can still do some runtime manipulation with the
Objective-C bridge enabled
• Realistically until we get Swift only frameworks all
apps will have this
• Can still do limited hooking with CydiaSubstrate
• Disassemblers for analysing Swift binaries
• Hopper scripts to demangle Swift names (https://
github.com/Januzellij/hopperscripts)