The Corellium Blog

News and technical info from Corellium and community contributors.

Intro to Android mobile reverse engineering
05 Jan 2023

Intro to Android mobile reverse engineering

Reverse engineering Android apps Reverse engineering an Android application typically involves using specialized tools to decompile the applications compiled code and resources into a human-readable form. As we go through this blog post, we will...
Technical Writeup
Intro to iOS mobile reverse engineering
05 Jan 2023

Intro to iOS mobile reverse engineering

Reverse engineering iOS apps iOS applications are distributed as compiled binaries and are not readable by default. To reverse engineer an iOS application, the binary needs to be disassembled into a form that is easier to read and understand. This...
Technical Writeup
Certificate pinning explained
30 Nov 2022

Certificate pinning explained

In this blog post, we will look at certificate pinning, how it is implemented for iOS and Android and the associated risks of using this added security control.
Technical Writeup
Exploiting Android local storage with Corellium
26 Oct 2022

Exploiting Android local storage with Corellium

Storing data is essential to many mobile applications. What data is being stored? How is the data being stored? How is my data being protected? These are all great questions. In this blog post we are going to demonstrate exploiting local Android...
Technical Writeup
Exploiting iOS local storage with Corellium
20 Oct 2022

Exploiting iOS local storage with Corellium

Storing data is essential to many mobile applications. What data is being stored? How is the data being stored? How is my data being protected? These are all great questions. In this blog post, we are going to demonstrate how to examine, detect and...
Technical Writeup
Behind the scenes: Using Corellium to build Corellium models
12 Oct 2022

Behind the scenes: Using Corellium to build Corellium models

Introduction: How to debug code using Corellium Testing Corellium for another release we found out that Xcode is unable to prepare some iOS 15.x virtual devices for development. Moreover, Xcode doesn't return any errors and seems to be just stuck...
Technical Writeup
Apple signing with Corellium
07 Oct 2022

Apple signing with Corellium

Introduction — iOS security testing woes Want to sideload your iOS application for mobile security testing? Or do you want to pass your application to QA, dev or third-party teams? Are you struggling with binary signing and consistent errors? This...
Technical Writeup
Mapping iOS persistence attack surface using Corellium
19 Aug 2022

Mapping iOS persistence attack surface using Corellium

Persistence is a tactic used by attackers and jailbreakers1 to maintain a foothold on a device after reboot, and can be a valuable component of an exploit chain. Fundamentally, this requires attacker-controlled data to be processed at some point in...
Technical Writeup
Using the Safari Web Inspector with Corellium
07 Jun 2022

Using the Safari Web Inspector with Corellium

Overview In this guide, we'll be setting up a Corellium iOS virtual device to perform debugging of web applications using Safari's Web Inspector tool. For web developers, this is useful for testing rapid tweaks to CSS or troubleshooting responsive...
Technical Writeup
Where does mobile app security testing fit into the latest NIST SSDF and CISA Zero Trust publications?
14 May 2022

Where does mobile app security testing fit into the latest NIST SSDF and CISA Zero Trust publications?

It’s difficult to find technically useful, well contributed information on mobile security testing and mobile software development life cycle (SDLC) best practices. There is a lot of high-level info scattered around, and it seems like new government...
Technical Writeup
Armv9 and Corellium: Why we chose Arm vs X86
05 Apr 2021

Armv9 and Corellium: Why we chose Arm vs X86

In 2021, Arm gave us a glimpse into the future by unveiling the next-generation of Arm processors: the Armv9 architecture. This is a huge deal for the future of mobile devices. The device you’re carrying around in your pocket is almost certainly...
Technical Writeup
How we ported Linux to the M1
20 Jan 2021

How we ported Linux to the M1

1. Apple special sauce: The M1 Processor When Apple released their desktop products with the M1 processor in November 2020, quite a few people in the tech community were surprised by the excellent performance of these systems. But those who have...
Technical Writeup

Subscribe to stay connected

Stay up to date with the latest news and announcements.