Chrome, Android, iOS Introduce Data Protection Tools

The information security community has recently introduced several new tools aimed at improving the security of various platforms and applications. They cover a wide range of tasks, from analyzing browser extensions to checking for missing security updates in operating systems.

BootExecuteEDR is a tool developed by researcher Rad, designed to disable EDR (Endpoint Detection and Response) solutions using native applications. The Boot Execute mechanism allows applications to launch before Windows is fully initialized, potentially bypassing security tools. However, this method requires administrative privileges and access to system directories.

crxaminer is used to check Chrome extensions for vulnerabilities. The tool analyzes the permissions extensions request and how they handle data. CRXaminer can be used both locally and online. The source code is available on GitHub, and the online version can be accessed on the official website.
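As an added illustration of the permission review described above (not crxaminer's code or rule set), this Python example unwraps a CRX3 package and lists the sensitive permissions and broad host patterns declared in its manifest. The list of flagged permissions and the sample extension are constructed for the example.

```python
import io
import json
import struct
import zipfile

# Real Chrome permission names; which ones to flag is this example's choice.
SENSITIVE = {"cookies", "history", "tabs", "webRequest", "debugger",
             "nativeMessaging", "scripting", "clipboardRead"}
BROAD_HOSTS = {"<all_urls>", "*://*/*", "http://*/*", "https://*/*"}


def zip_payload(blob: bytes) -> bytes:
    """Strip the CRX3 header (magic, version, header length, header) to get the ZIP."""
    if blob[:4] != b"Cr24":
        return blob  # already a plain ZIP
    if len(blob) < 12 or struct.unpack_from("<I", blob, 4)[0] != 3:
        raise ValueError("truncated or unsupported CRX (expected version 3)")
    header_len = struct.unpack_from("<I", blob, 8)[0]
    return blob[12 + header_len:]


def audit_extension(blob: bytes) -> dict:
    """Report sensitive API permissions and broad host patterns from manifest.json."""
    with zipfile.ZipFile(io.BytesIO(zip_payload(blob))) as zf:
        manifest = json.loads(zf.read("manifest.json"))
    declared = {p for key in ("permissions", "optional_permissions")
                for p in manifest.get(key, []) if isinstance(p, str)}
    hosts = set(manifest.get("host_permissions", []))  # Manifest V3
    hosts |= {p for p in declared if "://" in p or p == "<all_urls>"}  # Manifest V2
    for script in manifest.get("content_scripts", []):
        hosts |= set(script.get("matches", []))
    return {"name": manifest.get("name"),
            "sensitive_permissions": sorted(declared & SENSITIVE),
            "broad_hosts": sorted(hosts & BROAD_HOSTS)}


def build_sample_crx() -> bytes:
    """Constructed sample: CRX3 framing with an empty (unsigned) header around a ZIP."""
    manifest = {"name": "Sample Notes", "manifest_version": 3, "version": "1.0",
                "permissions": ["storage", "cookies", "tabs"],
                "host_permissions": ["<all_urls>"],
                "content_scripts": [{"matches": ["https://example.com/*"], "js": ["c.js"]}]}
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("manifest.json", json.dumps(manifest))
    return b"Cr24" + struct.pack("<II", 3, 0) + buf.getvalue()


if __name__ == "__main__":
    print(audit_extension(build_sample_crx()))
```

The example does not verify the CRX signature; it only reads what the manifest declares, so a clean result says nothing about what the extension's scripts do with the access they have.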

malimite is a tool developed by specialist LaurieWired for decompiling iOS applications. Built on Ghidra, the program supports the Swift and Objective-C languages, as well as iOS resources. Malimite enables researchers to analyze and decode IPA files, providing deeper insights into the structure and functionality of iOS applications.

vanir is a tool developed by Google, designed to check for missing security updates in Android. Using static analysis of source code, Vanir identifies vulnerabilities and automates the testing process. Suitable for developers and Android device support teams, Vanir can be adapted for other ecosystems with minimal modifications.

These tools showcase various approaches to addressing security issues, ranging from application analysis to update checks. Each tool has its own potential applications in cybersecurity tasks, offering researchers and developers new avenues to explore and enhance data protection.
