Blog

7 major risks for your CI/CD pipeline

When securing your CI/CD pipeline, it is not only about producing a secure product – it is also about securing the pipeline itself. Here are 7 major risks for your CI/CD pipeline and a few ideas on how to threat-model your own CI/CD pipeline.

The crazy world of building application security programs @ Elbsides

Having had the opportunity to present a talk at Elbsides in Hamburg in 2019, we did exactly that :) Elbsides 2019 was the start of a new security conference in Hamburg in the spirit of the BSides security conferences. Here is the recording on YouTube (external link)...

Building modern SSDLCs - Securing Software at Scale

Security in recent years was mostly focused on infrastructure protection, but application security has slowly grown in relevance and will likely continue to do so. Applications play a growing role for businesses, and application-specific programs are often not yet in place. What Microsoft started with an SDL - a secure development lifecycle - has not been implemented, nor is it easily transferable into the modern world of agile methodologies, DevOps and increased deployment speed.

When your DNS leaks your infrastructure

I recently made a small and seemingly unimportant mistake: I tried to contact a server from a company's infrastructure but was not logged in to their VPN. Boring, you may think, happens every day. But a few hours later I was writing Python code and mass-scanning the internet for DNS servers.

Hacking Android apps with FRIDA III - OWASP UnCrackable 2

Shortly after my second blog post on Frida, @muellerberndt decided to publish another OWASP Android crackme and I was tempted to see whether I could solve it with Frida again. If you want to follow along, you need the OWASP Uncrackable Level2 APK, Android SDK and Emulator (I am using an Android 7.1 x64 image)...

Hacking Android apps with FRIDA II - Crackme

After the introduction to Frida in the first part of this post, we are now putting Frida to use to solve a little crackme. After what we have already learned about Frida, this is going to be easy (in theory). If you want to follow along, please download the OWASP Uncrackable...

Hacking Android apps with FRIDA I

When I visited RadareCon last year, I learned about Frida, a dynamic binary instrumentation framework. And what seemed only interesting at first, turned out to be quite a lot of fun. Remember God mode in games? That’s what Frida feels like for native apps. This is a blog post about using Frida for...

Decrypting Adwind jRAT jBifrost trojan

This is a post on how to dissect the AdWind / jRAT / jBifrost Java trojan that has been around for quite a while and is still actively distributed in multiple variants. jRAT is nothing new and it has been decrypted before, but it’s still an interesting exercise. I retrieved...