About

I'm a principal security engineer at iSEC Partners / software engineer at Data Theorem. Find me on LinkedIn or email me at nabla.c0d3[at]gmail[dot]com.

Research

iOS Application Security

February 2016 - Book release

I was the Technical Reviewer for David Thiel's "iOS Application Security". This book goes into great detail about how to spot security issues affecting iOS Apps and how to avoid making these mistakes when building an App.

TrustKit: Code Injection on iOS 8 for the Greater Good

August 2015 - Black Hat USA 2015

Presentation about a new open-source library that makes it very easy to deploy SSL pinning in iOS or OS X Apps.

It Just (Net)Works: The Truth About iOS 7's Multipeer Connectivity Framework

October 2014 - Hack in The Box Kuala Lumpur 2014

August 2014 - Black Hat USA 2014

Presentation on how I reverse-engineered Apple's undocumented Multipeer Connectivity Framework. I also uncovered a man-in-the-middle attack allowing an attacker to downgrade the encryption level of the connection; this issue was later fixed by Apple in iOS 9 as CVE-2015-5851.

Security Audit of Cryptocat iOS

March 2014 - Security report

iSEC Partners performed a security audit of the Cryptocat chat application on iOS; this audit was commissioned by the Open Technology Fund and I was the lead tester on this project. The final report for the work we did has been made publicly available.

Introspy: Security Profiling for Blackbox iOS and Android

October 2013 - Ruxcon 2013

Presentation introducing Introspy, a tool to greatly simplify the process of finding security vulnerabilities in iOS and Android applications.

Everything you've always wanted to know about certificate validation with OpenSSL (but were afraid to ask)

October 2012 - Whitepaper

Whitepaper on how to properly perform certificate validation within an SSL client application using OpenSSL.

When security gets in the way: PenTesting mobile apps that use certificate pinning

July 2012 - Black Hat USA 2012

Presentation about how to bypass SSL certificate pinning when pentesting iOS and Android applications.

Projects

TrustKit iOS and TrustKit Android

Open source libraries for "Drag & Drop" SSL pinning and SSL reporting in iOS/macOS/Android Apps.

SSLyze

Python tool that can analyze the SSL configuration of a server by connecting to it. It is designed to be fast and comprehensive, and should help organizations and testers identify misconfigurations affecting their SSL servers.

SSL Kill Switch

Blackbox tool to disable SSL certificate validation - including certificate pinning - within OS X and iOS Apps. The initial release was presented at the Black Hat USA conference in 2012.

SSL Conservatory - No longer maintained

Correct implementation of SSL is crucial to secure transmission of data between clients and servers. However, this crucial task is frequently done improperly, due to complex APIs and lack of understanding of SSL fundamentals. The SSL Conservatory is intended to be a clearinghouse for well-documented and secure sample code to correctly implement SSL clients.

Introspy - No longer maintained

Open-source security profiler for iOS, designed to help penetration testers understand what an application does at runtime.