2025

• 03 Aug Beginner's Guide to Disabling ASLR in iOS Apps
• 29 Jul [CVE REQUESTED] Unauthenticated Internal API Testing Interface Exposing Hardcoded Production Credentials
• 29 Jul [CVE REQUESTED] phpinfo() Exposure on Ednovation's Production Subdomain
• 29 Jul [CVE REQUESTED] Directory Listing Exposure on Ednovation's Production Subdomain EProject
• 28 Jul [CVE REQUESTED] Weak Password Hashing Using MD5 in Ednovation's AIMath Web App
• 28 Jul [CVE REQUESTED] Directory Listing Exposure on Ednovation's Development Subdomain
• 27 Jul [CVE REQUESTED] Public Data Exposure via Broken Auth in AIMath Web App
• 26 Jul [CVE REQUESTED] ParentCommApp SQL Injection Backend API
• 26 Jul [CVE REQUESTED] ParentCommApp Insecure Direct Object Reference (IDOR)
• 26 Jul [CVE REQUESTED] Broken JWT Authentication – Hardcoded Shared Secret in ParentCommApp (iOS)
• 25 Jul [CVE REQUESTED] Unauthenticated API Exposure in Ednovation ParentCommApp

2024

• 12 Nov Cracking the Flare-On 11 CTF 2024: Challenge 4 - Meme Maker 3000
• 11 Nov Cracking the Flare-On 11 CTF 2024: Challenge 3 - aray
• 10 Nov Cracking the Flare-On 11 CTF 2024: Challenge 2 - Checksum
• 09 Nov Cracking the Flare-On 11 CTF 2024: Challenge 1 - Frog
• 16 Sep MobileHackingLab iOS Application Security Lab - Run Time Dynamic Library Injection Challenge write-up

2021

• 17 Jan How to add extra playback speed for YouTube iOS?

2020

• 18 Dec Reverse engineering and find out hidden backdoor in iOS app
• 02 May How to tweak existing Medium iOS app features with Theos & Logos - part 2
• 26 Apr How to tweak existing Medium iOS app features with Theos & Logos - part 1
• 14 Apr Bypass StoreKit In-app purchases of iOS apps using LLDB
• 09 Apr Bypass SSL Pinning with LLDB in iOS app
• 23 Mar Bypass In-app purchases of react native iOS app
• 15 Mar Bypass in-app purchase content in iOS apps by modifying local configuration!

2019

• 13 Dec Bypass locked features on iOS apps with Burp Suite!