By "extensibility" does this mean the ability to write your own extensions? Being able to develop and contribute plugins back to the community (similar to Burp's BApp store) could really accelerate the competitiveness of Caido up against Burp.
Caido[1] a interception proxy written in Rust, is positioning itself as a "lightweight" alternative to Burp. It can't compete yet with Burp in terms of functionality, although the product is certainly looking promising.
Perhaps the only contender to Burp in respect to functionality/features is ZAP[2].
EDIT: You can run your own collaborator type setup with Project discovery's interactsh[3].
Further EDIT: A downvote might be because of the mention of Rust / closed source - this is explicitly mentioned because a large pain point for Burp is it's a Java memory hog. If Caido was written in C++ with Qt, this fact would be notable for the exact same reason.
This is not a new plugin; it (and similar extensions) have been available for Burp and a staple for testers for a few years now.
Automating authorisation checks has less to do with novelty seeking and more to do with the practicalities of ensuring adequate coverage within the assigned engagement time frame.
"There is a part of the talk where I am trying to perform a little bit.. the thing that I'm also talking about. My background is in art .. and we always try to think about form and content being kind of the same thing.."
This is a notable differentiation - Writing assembly is a different skill to reading it from a disassembly. Reverse engineering, malware analysis etc. does not inherently require you to be able to write asm, although it certainly would help.
SSID / BSSID is often enough to pinpoint the location. Recently someone debated this with me, so I asked him what his wifi AP name was, then proceeded to provide their home address.
Recently having stumbled across the VSCode shellcheck plugin[1] - it's been particularly educational as it provides not only corrections but improvement tips. For example the common practice of:
if [ $? -ne 0 ]; then
Will get flagged and an improvement will be suggested with an explanation on why [2]
Cal Newport, the author of 'Deep Work'[1] releases frequent content on Youtube [2] that attempts to address the kind of challenges expressed by the author.
Pikuma has a 25 hour “NES Programming with 6502 Assembly” that is both accessible to beginners with little to no prior knowledge and being packed with content. [1]
He also has other interesting courses which touch upon “retro” programming in a very accessible manner. [2]
I'm confused by what you mean here, could you elaborate?
For clarification - you purchase the hardware then you are required to download the phone application. You find this app by scanning the QR code printed on the physical device's box. This app is free. It does not link to a premium version.
> The article seems to be suggesting the device itself is gathering data and reporting back covertly ... but I believe it's just the AMap library included by the app developer doing its thing.
If this is the take away, then I need to think about how I have phrased things. The GPS co-ordinates are sent two separate companies:
1) The Bluetooth device developer (bm2.quicklynks.com)
2) AMap (dualstack-cgicol.amap.com)
Looking at the decomplication and HTTP REST messages, it is very clear the app developer is deliberately sending GPS to their servers. They send a JSON object with the battery voltages, bluetooth device address and lat/lng in the same request.
The cell data, wifi beacon data - this is exclusively collected by AMap services and is not apparent without investing significant time reverse engineering their SDK.
> They will kick you out the store if they detect you're lying about the permission
You have to wonder how long this app never got taken down. Permissions declared in the manifest do not always equate to them being used.
Google could cross reference the privacy statement that the developer published against the manifest. That would have got it flagged.
The actual code that calls android.content.Context.checkCallingOrSelfPermission() obfuscates the permission strings in many places - bypassing static code analysis checks.