Android 7 Cellular MiTM
Tue, 24 Oct 2017

Performing security assessments of complex systems sometimes requires some technical gymnastics to "man-in-the-middle" (MITM) communications between components. MITM techniques are essential for observing and manipulating communications in ways that a developer may not have anticipated. As system defenses improve the task of setting up a MITM environment for a system …

MiTM using Golang, meet Timmy
Tue, 08 Nov 2016

This post is an introduction to Timmy (Tiny evil man in the middle). There are a lot of MiTM tools used to assess software that communicates via TCP/IP. They all have a few basic ingredients, but often differ stylistically or in their intended use cases. Burp can do invisible …

Wear's the MITM?
Wed, 19 Oct 2016

Recently, we needed to man-in-the-middle TLS traffic coming from an Android Wear application. On a regular Android app, this would be an easy thing to do, but we started to run into trouble pretty quickly on the only Android watch that we had at our disposal, the 1st generation LG …