Jan Seredyński
@janseredynski
Followers
164
Following
767
Media
4
Statuses
59
Mobile Security
Warszawa, Polska
Joined August 2014
SQL Injection is still present in 2023 on mobile platforms 📱. If you think iOS is more secure than Android because it’s difficult to misconfigure, this article will change your mind! Happy to share my very first CVE-2023-41387. #MobileSecurity #flutter
https://t.co/4dNWJdsHe6
seredynski.com
SQL Injection and app Misconfiguration are big a threat in mobile app landscape. Here is a story of One Flutter package that made Thousands apps vulnerables.
0
4
20
No permissions. No root. Just pixels. Pixnapping-style attacks (CVE-2025-48561) can leak what’s displayed by other Android apps. We recreated the attack + tested mitigations devs can apply now —> https://t.co/3oyVT3G3zz
#AndroidDevelopers #SecurityResearch #AppSecurity
guardsquare.com
Learn how Android developers can detect and prevent Pixnapping-style attacks. Discover key strategies to protect user data from screen capture threats.
0
4
2
Jeśli interesujesz się malware na Androida, to nagranie mojej prezentacji z ostatniego The Hack Summit jest już dostępne na YouTube. Zachęcam do obejrzenia! 👾📱 #android #malware
🔻Malware w mobilnych aplikacjach bankowych - czyli jak stracić pieniądze w mgnieniu oka 🔻Jan Seredyński @janseredynski
https://t.co/7XspWlIVfC
0
0
8
Two years ago, I accidentally dropped my iPhone XS into the sea. It didn’t turn on anymore. Today, I plugged it into the charger. To my surprise, it works again. 🍎 <3
1
0
8
An excellent course from two best mobile security experts 🔥🔥 Don't miss out.
Hey all - @enovella_ and I are hosting an in-person @radareorg / @fridadotre (r2frida) mobile security training course in Dubai, 16-18 Oct 2023. Wanna come learn how to use the most powerful mobile reversing tools combined into one? Grab yourself a ticket:
0
0
4
A random tip: you can install a dumped iOS app on your Mac with Apple Silicon. Just resign the IPA with your developer certificate and make sure your Mac is listed on the provisioning profile.
0
0
5
For those who want to know the price for similar exploits
0
0
2
Apple vs Polish government saying they don't use #PegasusSpyware hacking tool on lawyers and the opposition. 📱
Właśnie otrzymałam alert @AppleSupport o możliwym cyberataku na mój telefon ze strony służb państwowych. Ze wskazaniem, że mogę być celem ataku ze względu na to co robię lub kim jestem. Ostrzeżenie potraktuję poważnie bo poprzedziły je inne incydenty @ZiobroPL czy to przypadek?
1
0
2
Excited to talk at @CONFidenceConf about mobile app security. Get ready for real-world case studies on hacked apps and games.
Please welcome our next speaker - @janseredynski , who is a #mobile #security researcher and #pentester, who also has over five years of experience in mobile app development. 👏 He will present the lecture: “How Mobile Game Cheats unlock App Security Lessons”.🤖
0
0
9
Guardsquare is looking for a Security Researcher to join the team! Have a look at the job description here: https://t.co/7DoZcKtWIt
#hiring #jobs
0
2
2
Well described Mach ports with a practical example. Recommend to all iOS folks in #MobileSecurity Waiting for the next article!
Starting new series today covering my attempt to get to know XNU IPC better. First up, Mach messages 🙌 https://t.co/4fLaMA32Ce
1
0
4
There is a new way to do SSL Pinning on iOS. You just need to add one value to Info.plist. #ios #iOSDev #MobileSecurity
guardsquare.com
Apple’s method of certificate SSL pinning on iOS can be bypassed. Learn how to use NSPinnedCAIdentities, NSPinnedDomains, and more to boost app security.
0
0
2
Cheats in mobile games are easily accessible to anyone. Have a look how easy it is to overwrite the number of diamonds directly in memory in Top Mobile Games in 2021. & Make sure to protect your game! 💎📱 #MobileSecurity #ios #iosdev
It doesn't take years of #ReverseEngineering experience to cheat in #MobileGames. We use @fridadotre, #lldb, and even #xcode debugger to pamper our #ios Tamagotchi. We’ll show how & give a few tips for the game developers inside: https://t.co/uXeOz97Kai
#gamedev #appdev #appsec
0
2
6
Tomorrow I will give a webinar about cheating in mobile games on #ios and #android. Come and learn how hackers walk through walls in games and bypass payments in apps? I'll also show how to protect your app against these attacks. #MobileSecurity
We created cheats for mobile games using reverse engineering techniques, and built a mobile app security model from it! Join us on March 4th to find out more @DZoneInc: https://t.co/NNsGyGq0YV
#gamedev #devsec #appsec #mobilegaming #devsecops
0
1
10
Joining the cicuta_virosa by @ModernPwner hype with a little write up on finding offsets for iPhone X running iOS 14.0.1 🙇♂️
dmcyk.xyz
Finding offsets to use with iOS LPE exploit `cicuta_virosa` by @ModernPwner on iPhone X running iOS 14.0.1
1
1
1
With some reverse-engineering and @fridadotre magic, we play mobile games in ways developers never intended. Check out our teleporting in Bomberman + our tips on how to prevent it: https://t.co/dqcOUXCygR
#appdev #gamedev #appsec #iosdev #mobilesecurity
guardsquare.com
Explore how hackers intercept and manipulate network traffic in mobile multiplayer games hacks, and get actionable tips to defend against these attacks.
0
7
11
No need to disable SIP 1. Resign the app 2. Install IPA by double-clicking 3. lldb -n AppName 4. frida AppName // hangs until the next step 5. quit lldb
You can use frida or lldb to hook or debug iOS apps on MacBook with M1 chip. hits: disable SIP and resign apps.
2
3
9
