Compiling Our Python Decompiler

Following the feedback we get for our py2exe decompiler (a decompiler for Windows executables created by py2exe1), we noticed that there is a community need for this tool. Most of the feedback comments are requests for help related to missing dependencies and similar problems. However, a couple of months ago, there had been an API-breaking release … Continue reading Compiling Our Python Decompiler

Intercepting HTTPS Traffic from Apps on Android 7+ using Magisk & Burp

Intercepting HTTPS traffic is a necessity with any mobile security assessment. By adding a custom CA to Android, this can easily be done. As of Android Nougat, however, apps don't trust client certificates anymore unless the app explicitly enables this. In this blogpost, we present a new Magisk module, that circumvents this requirement, by automatically adding … Continue reading Intercepting HTTPS Traffic from Apps on Android 7+ using Magisk & Burp

Who is watching your home surveillance systems?

This morning, I heard on the radio that dozens of Belgian families were being watched through their own home surveillance system in Belgium. Nothing new here, as we already know for years that sites exist through which you can watch camera footage of unknowing victims, and this problem is not just limited to Belgium of … Continue reading Who is watching your home surveillance systems?