Intercepting Flutter app traffic

Posted on by David Vassallo

Introduction this is an extract and sample of some of the work we do while pentesting in CyberSift Flutter and the underlying dart engine do not respect certificate and proxy system settings. Sometimes, frameworks like reFlutter dont work 😢 The below helps get around this. The idea at a high level is to: Setup a … Continue reading Intercepting Flutter app traffic

Lessons Learned: Building statically-linked Rust binaries (OpenSSL)

Posted on by David Vassallo

In a couple of modules which used in CyberSift, Rust is slowly making an appearance, depending on the use-case at hand. Generally we develop in GoLang, and one of the advantages was the resulting binary, which pretty much ran anywhere as long as the right architecture and OS are used. We could develop on Ubuntu, … Continue reading Lessons Learned: Building statically-linked Rust binaries (OpenSSL)