Leveraging Corellium and Cloudflare Workers for iOS Virtual Device Management
The need for quality iOS emulators continues to rise. Use Corellium with Cloudflare workers to make iOS virtual device management simple and scalable.
The Calls Are Coming from Inside the House
Learn how to set up SSH reverse tunneling in the Corellium app to help you with investigating phishing attacks on iOS. Code and rationale is provided.
Mobile Vulnerabilities Exposed: Change What's Possible in Mobile App Security Testing
Physical devices are tedious to manage and device emulation is insufficient. Learn a better way to conduct mobile appsec testing with Arm virtualization.
Creating a Safe Browsing, Serverless API to scan iOS apps with Corellium & Frida on AWS Lambda
Learn how to create a serverless Safe Browsing API that actually works for iOS apps to scan for security issues using Corellium, Python, and Frida on AWS L
Intro to iOS mobile reverse engineering
Learn how to reverse engineer an app: tools, applications, and analysis for dissecting iOS applications effectively.
Understanding SSL Certificate Pinning: Boost Mobile Security with Corellium
What is SSL certificate pinning and how is it implemented for iOS and Android?
Exploiting Android local storage with Corellium
How to examine, detect and exploit sensitive information being stored by an Android application
Exploiting iOS local storage with Corellium
How to examine, detect and exploit sensitive information being stored by an iOS application
Behind the scenes: Using Corellium to build Corellium models
An example of how we used our Corellium platform to debug one of our virtual iPhone models
Apple signing with Corellium
Fixing Apple Signing Problems with Corellium iOS Virtual Machines
Mapping iOS persistence attack surface using Corellium
Learn how to create a map of a device’s attack surface to discover vulnerabilities that can be used for maintaining a foothold after reboot.
Where does mobile app security testing fit into the latest NIST SSDF and CISA Zero Trust publications?
It’s hard to find useful, well contributed to information on mobile security testing and best practices. Recent cybersecurity publications from U.S. gov agencies often confuse the search. Here’s one interpretation of how they’re interrelated.