A simple setup for a Build and Deploy system using GitHub Actions
Dec 12, 2020, 8:16 AM
I've been using GitHub Actions on a few projects now, and I find them like the future of what bash scripting was back in the day. I feel I can do pretty much everything in a quick and concise way. In this post, I'll show you the...
Set up a macOS Parallels Virtual Machine for security research
Nov 16, 2020, 5:23 AM
macOS comes with a good set of predefined security features designed to keep us safe, e.g. System Integrity Protection. These security features are great for everyday use, but they get in the way when we are trying to analyse what...
Adding dark mode to a UIKit App
Nov 4, 2020, 6:21 PM
First, remember create a new branch for the changes, we can do that using Xcode or the git(1) command-line tool.
Table of Contents
The basic support
Allowing the user to set the theme
Storing the user preferences on...
Understanding SwiftNIO by building a text modifying server
Aug 20, 2020, 9:11 AM
Building a network application requires a good amount of effort, not only because of the complexities of the application you are building but also by the nature of network architecture. We have to define how are we going to handle the...
Building a text-based application using Swift and ncurses
Aug 6, 2020, 9:25 AM
The ncurses(3) library powers many popular text-based applications, for example, emacs(1) and htop(1). The use of ncurses is not required to build text-based applications. We could use escape sequences. And for small command-line tools...
Generate table of contents with anchors for markdown file - Vim plugin
Jul 20, 2020, 8:01 AM
Vim is my preferred text editor, and I do most of my writing on markdown. If you haven't used markdown, I encourage you to try it out. Markdown is a simple markup language that is in common use on the internet for static site...
How to read passwords and sensitive data from the command-line using Swift
Jul 17, 2020, 7:32 AM
Shoulder surfing is a real threat. And we, as software developers, should strive to provide safety to our users. One way to mitigate the inadvertent exposure of sensitive data is related to how we handle the input of sensitive data in our...
Understanding the Swift Argument Parser and working with STDIN
Jul 7, 2020, 8:27 AM
Operating systems have provided command-line interfaces for decades now, and all but the simplest command-line tools require argument parsing. Due to years of use and refinement, there are many expectations on how command-line tools should...
Extracting entitlements from process memory using LLDB
Mar 30, 2020, 7:56 AM
One of the first steps we take when analysing a macOS (or *OS) app is to go through the entitlements to extract useful information. Usually, we search for the entitlements embedded in the application binary using codesign(1) in our Static...
Scanning a process' memory using LLDB
Mar 23, 2020, 6:49 PM
When performing dynamic analysis, a useful source of information is examining the process' memory for specific patterns. For example, imagine we would like to obtain information about the current process' code signature. To get...
Resigning iOS apps from an IPA for mobile security research
Feb 7, 2020, 4:38 AM
When we are asked to perform a black-box security analysis on an iOS app, depending on the scope, we might only have access to the iOS app from the AppStore. But most of the time, the client would give us an IPA. In a black-box analysis,...