How to Proxy Xamarin Mobile Apps
This blog post assumes you’re working with physical rooted devices, digital devices may work but not tested.
If you’ve spent a bit of time testing mobile applications, chances are you’ve come across a mobile application that was built using Xamarin. Xamarin is a cross-platform application building tool for building iOS and Android mobile applications. This platform is becoming more and more common as an app building tool.
What’s the problem?
What should I do after an account has been hacked?
I am by no means a security professional. Well.. technically I am, but, this isn’t advice. This is just written for entertainment purposes. Don’t sue me. Also, pictures of our Australian native bees to break up the wall of text.
I recently had a friend of mine get his discord account hacked, I helped guide him through what process he should take to resolve and more importantly prevent this in the future.
My Attempts at OSCP
There are so many different OSCP writeups out there, too many even. Why read mine? I failed the exam 3 times so maybe that will provide a slightly different perspective compared to many of the guides which pass on the first go.
Prior knowledge Before I go through the course, I’d like to cover where my knowledge level was at. At the start of the year I was studying to do my CCNA so I spent a few hours each working day on it for about 6 months.
Elastic CTF
The Elastic CTF is a capture the flag competition that I built based on the Elastic Stack (formerly ELK Stack). I created it for the Sectalks Ninja Night as a way to give back something to the community that has given me so much. It was designed to give people a chance to play with a platform that is used quite often in security teams in many companies. This was my first time developing a CTF challenge and I hope I get the chance to do it again another time.
Elastic Stack CTF Scenario Walkthrough
This is a walkthrough for the Elastic Stack CTF scenario that was run for the Sectalks Ninja Night 0x08 (9th).
The CTF is available to be spun up from my repository, for more information visit HERE. Feel free to spin it up and give it a go.
Scenario:
Overnight we’ve had an attack on our network, we have two devices in the cloud and it appears both have been compromised.