Offensive | ConsulThink

Azure Security Assessment

Consulthink — Tue, 19 Mar 2024 14:47:20 +0000

Nell’ultimo decennio l’industria del cloud computing è stata interessata da una crescita esponenziale. Secondo Exploding Topics, dal 2015 ad oggi la quantità di dati aziendali gestiti e mantenuti in cloud è raddoppiata, fino a raggiungere circa il 60% della totalità delle informazioni corporate. In particolare, circa il 22% del mercato cloud appartiene a Microsoft Azure, ...

The post Azure Security Assessment first appeared on ConsulThink.

Rustware Part 3: Dynamic API resolution

Consulthink — Fri, 09 Feb 2024 10:55:00 +0000

In the previous blog post we have seen how to perform a shellcode process injection by finding a target process PID using several WinAPIs, in that case all the WinAPIs were called directly. Usually malwares resolve the WinAPI address at runtime in order to hide malicious behaviours during static analysis. In this blog post we ...

The post Rustware Part 3: Dynamic API resolution first appeared on ConsulThink.

iOS Strings Obfuscation in Swift

Consulthink — Wed, 17 May 2023 10:36:12 +0000

Introduction Usually when reversing an iOS Application, it’s common to see methods and strings that can help an attacker to figure out how the application works. When I’m looking for jailbreak detection mechanisms, I usually start to search for strings and functions containing the word “jailbr (jail, jailbreak or jailbroken) or “root”. If I’m not lucky with these method names, ...

The post iOS Strings Obfuscation in Swift first appeared on ConsulThink.