Right on! I’ve literally spent a couple days trying to get this to work and your video solved it for me. Thanks man Now I can’t get MagiskTrustUserCert to work. Says unzip error during that module install inside Magisk
@CorSecure3 сағат бұрын
I'm glad my video was able to help! I'm planning on going over using MagiskTrustUserCert in the next video. I'll be recording it over the weekend, and it should be uploaded early next week.
@mandirmap13 сағат бұрын
Can you plz share the tool link that you are using for apk explore.
@CorSecure11 сағат бұрын
That was JADX github.com/skylot/jadx
@shortvideo245716 сағат бұрын
How to contact you brother
@leopuff6328Күн бұрын
Thank you so much for the great videos I love your chanel
@CorSecureКүн бұрын
Thanks! I'm glad my videos can be helpful!
@RozanaJobКүн бұрын
what is your pc bro
@lzn-o2eКүн бұрын
Hello, how to use burp to capture app packets for two-way certificate detection?
@lzn-o2eКүн бұрын
Hello, how to use burp to capture app packets for two-way certificate detection?
@lzn-o2eКүн бұрын
Hello, how to use burp to capture app packets for two-way certificate detection?
@jahidulcibl3000Күн бұрын
Great. Reminder don't change your default sdk location
@ov3r02 күн бұрын
Thank you for sharing such amazing videos and helping appsec community
@CorSecure3 күн бұрын
Install Android Studio here: developer.android.com/studio Download rootAVD here: gitlab.com/newbit/rootAVD
@user-pd3mr6jy7l3 күн бұрын
GOD🤩
@cbbcbb68035 күн бұрын
What if you want to make commands even longer?
@hafiz-ng6 күн бұрын
Hey there CorSecure! Super stoked to have you reviewing my app. You make very engaging content. I have learnt a lot about your walk-though on Beetlebug. I'll have to admit there many bugs, cos I actually built this CTF barely 3 months into learning Android Dev and I needed help with finding bugs. I'd push an update to address these issues real soon and make sure to hit you up before the blog post. Thanks for bringing them up, I really do appreciate it. Hafiz (hafiz-ng)
@CorSecure6 күн бұрын
Thank you so much for the kind words! I would love to make another video in the future after any updates you make to the app!
@S-Tohy7 күн бұрын
Good, you have reached the Egyptian audience😂❤
@bruno-devs8 күн бұрын
Please continue with your IOS videos, here in Brazil we are learning a lot
@bruno-devs8 күн бұрын
After decompiling the IPA and editing, how do I recompile it?
@CorSecure7 күн бұрын
I don't re-compile iOS apps very often, but I found this blog post that might be helpful. I may end up making a video on this topic in the future, but it's just not something I use often enough that I have considered making a video yet. I hope this helps! punchthrough.com/re-signing-ios-apps/
@AnnDylcreditrepair8 күн бұрын
Hey thanks so much for providing great videos that non tech masses can understand i am all subscribed looking forward to catching up on all your vids and sharing with everyone i know keep up the good work!
@AnnDylcreditrepair8 күн бұрын
Actually i just checked and it didnt transfer to system certs i am using android 14 or oxygen os 14 onepluses crappy version of android 14 is there anything you can suggest to get this to work i am also using a third party version of magisk kitsune mask witch is a canary magisk version thanks for any guidance.
@CorSecure8 күн бұрын
I haven't tried it with Android 14 yet, but I found this thread on github that has some potential fixes for issues people were having with Android 14. I've also never used kitsune magisk or Oxygen OS, so I don't really know if either of those may be causing issues. I hope this helps! github.com/NVISOsecurity/MagiskTrustUserCerts/issues/31
@ajayghale26238 күн бұрын
GOAT brother you the best homie
@bruno-devs9 күн бұрын
My jailbroken iPhone 7 Plus even though I configure the proxy on my IP it doesn't want to access burp, what should I do?
@CorSecure8 күн бұрын
Is your iPhone on the same network as the machine running Burp? Are on a corporate network or anything that might have a firewall or something in the way?
@bruno-devs8 күн бұрын
@@CorSecure They are on the same network on Burp Suite Professional, I got it on Community, no
@CorSecure8 күн бұрын
If your phone is on the same network as your burp instance, the proxy is listening on the correct IP address, and proxy setting on the phone is set to the same IP and port, you should be able to access burp. Apparently some people have had issues related TLS 1.3 though. portswigger.net/burp/documentation/desktop/mobile/troubleshooting If you have made sure everything is set up properly, my only suggestion would be to contact PortSwigger support.
@tarongg90579 күн бұрын
fortunately i don't use linux
@thatdudefromthefuture33469 күн бұрын
I tried alias, and everytime I made one i kept on forgetting it lol.. *cries in the corner*
@Gertbfrobe40710 күн бұрын
These are obviously important tools 🔧 to acquire. But the prerequisite is enabling developer options, then USB or wireless debugging.
@CorSecure9 күн бұрын
In most cases that's true, but the emulator that I'm using already has all of that enabled by default.
@CorSecure10 күн бұрын
You can download the Beetlebug app from GitHub here: github.com/hafiz-ng/Beetlebug
@314Show10 күн бұрын
Niceee!
@golfie330910 күн бұрын
Cool I didn’t know that
@itsm3dud3912 күн бұрын
yes we want more
@Tqoratsos66612 күн бұрын
Not entirely sure what id need to use linux for....so i dont need to know commands for nothing 😅
@cheze_bun12 күн бұрын
you assume i have mac os, i have windows as my parents are all windows and not mac.
@CorSecure12 күн бұрын
There isn't an option to run palera1n on Windows. Only Linux and Mac. There is palen1x, which is a bootable Linux distro with palera1n installed. I've never used it, but as far as I know that is the only option if you only have Windows. ios.cfw.guide/using-palen1x/
@CatboiAir13 күн бұрын
could you put a list of alias creation lines in a .bat file and keep that on a storage device to run on other machines?
@CatboiAir13 күн бұрын
to clarify-: I have never used linux, I genuinely am unsure if this would or could work
@CorSecure13 күн бұрын
.bat files don't work on linux. those are Windows-specific. you could do that with a bash script or python script or something that would work with linux though.
@T313COmun1s713 күн бұрын
Yeah, aliases are ok, but you wanna really be cool? Graduate to functions. For Example: lookup() { #:# Lookup various info on a domain and display it in a structured way local domain=$1 local apex apexout www wwwout cname tput_format "Info from Registrar" /home/john/go/bin/rdap -w $domain | grep --color -E '^|Expiration Date:|Domain Status:' printf ' ' tput_format "Hostname of domain's Apex A Record:" apex=$(dig $domain +short A | head -n 1) apexout=$(dig +short -x $apex @8.8.8.8) printf '%s (%s) ' "$apexout" "$apex" tput_format "Hostname of domain's WWW Record:" cname=$(dig "www.$domain" +short CNAME | head -n 1) if [[ -z $cname ]]; then www=$(dig "www.$domain" +short A | head -n 1) wwwout=$(dig +short -x $www @8.8.8.8) printf '%s (%s) ' "$wwwout" "$www" else www=$(dig $cname +short A | head -n 1) wwwout=$(dig +short -x $www @8.8.8.8) printf 'CNAME: %s resolves to %s (%s) ' "$cname" "$wwwout" "$www" fi tput_format "Domain's MX Record(s):" dig $domain +short MX printf ' ' tput_format "Domain's NS Record(s):" dig $domain +short NS
@AlexGelinas4206913 күн бұрын
It brings Jennifer Garner up on screen and JJ Abrams adds a bunch of lens flare to your terminal
@Mister.BreadBoard14 күн бұрын
Thank you for sharing 👍
@mohamedabozaid214715 күн бұрын
Hi sir can you suggest me a good android emulator
@CorSecure15 күн бұрын
I prefer the official Android Studio emulator. Genymotion is another non-official one that a lot of people use, but I haven't used that one in several years. I have a video on my channel showing how to setup an emulator with Android Studio, but that video is pretty outdated. I'm planning on making an updated version soon.
@mohamedabozaid214715 күн бұрын
@@CorSecure got it thank you I was trying to use genymotion too, but I faced some problems, it needs arm translation too to run arm64-v8a or arm32-v7a apps, and I couldn't find a suitable file 😅
@CorSecure15 күн бұрын
That's one of the reasons I prefer the official emulator. It is always updated and supported by Android, and there is a ton of documentation available.
@mohamedabozaid214715 күн бұрын
@@CorSecure sure the official is always the best I am just trying to find an alternative because my pc isn't the strongest to run android studio
@mohamedabozaid214715 күн бұрын
@@CorSecure and thanks for your time
@srdomingo605015 күн бұрын
One of the best channels I saw on mobile security, thank you for sharing this material, I will wait for the second part
@serveladik15 күн бұрын
In what way is that hacking? Its just reading files in storage lol
@Mister.BreadBoard14 күн бұрын
Are you seriously bashing on the tutorial levels?? 😂😂
@agentphantom907616 күн бұрын
Thanks for the video. have learned a lot from you.
@nishantdalvi947016 күн бұрын
Interested in seeing you solving the further flags
@314Show16 күн бұрын
Thanks for your videos, I really like the mobile security bro
@CorSecure17 күн бұрын
You can download the Beetlebug app from GitHub here: github.com/hafiz-ng/Beetlebug
@Mathunknow17 күн бұрын
Ghidra please
@Co0k1em0n5t3r17 күн бұрын
How do you setup a android emulator. Could you do a video please noobie friendly
@CorSecure17 күн бұрын
I made a video about setting up an emulator a long time ago. You can find it on my channel. It's probably pretty out dated at this point though. It might be time to make a new one.
@isaacqadri18 күн бұрын
You're awesome
@CorSecure18 күн бұрын
Thanks! :)
@misterge316917 күн бұрын
Did that work?
@isaacqadri17 күн бұрын
@@misterge3169 unfortunately no. Though everything was successful, the still could not allow me to bypass ssl pinning.
@isaacqadri16 күн бұрын
i want to mention that objection was not able to bypass SSL pinning in the app i was testing, but with root access and with frida i was able to bypass SSL pinning here is the video from CorSecure kzbin.info/www/bejne/eILaqqxpaJ2Nl8k the frida is what worked for my case.