911 Open source projects that are alternatives of or similar to allsafe

[Official] Android reverse engineering tool focused on dynamic instrumentation automation. Powered by Frida. It disassembles dex, analyzes it statically, generates hooks, discovers reflected methods, stores intercepted data and does new things from it. Its aim is to be an all-in-one Android reverse engineering platform.

Hand-crafted Frida examples

A big list of Android Hackerone disclosed reports and other resources.

Runtime Mobile Security (RMS) 📱🔥 - is a powerful web interface that helps you to manipulate Android and iOS Apps at Runtime

A Python library to utilize AWS API Gateway's large IP pool as a proxy to generate pseudo-infinite IPs for web scraping and brute forcing.

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

An effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.

Cycript backend powered by Frida.

Awesome Frida - A curated list of Frida resources http://www.frida.re/ (https://github.com/frida/frida)

Scanning APK file for URIs, endpoints & secrets.

Binary instrumentation framework based on FRIDA

Droidefense: Advance Android Malware Analysis Framework

StaCoAn is a crossplatform tool which aids developers, bugbounty hunters and ethical hackers performing static code analysis on mobile applications.

A vulnerability fuzzing tool written in bash, it contains the most commonly used tools to perform vulnerability scan

Mobile penetration testing android & iOS command cheatsheet

Flutter Reverse Engineering Framework

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Documentation:

Jackhammer - One Security vulnerability assessment/management tool to solve all the security team problems.

All about bug bounty (bypasses, payloads, and etc)

Penetration tests guide based on OWASP including test cases, resources and examples.

The Swiss Army knife for automated Web Application Testing

It's a Docker Environment for pentesting which having all the required tool for VAPT.

AirSpy - Frida-based tool for exploring and tracking the evolution of Apple's AirDrop protocol implementation on i/macOS, from the server's perspective. Released during BH USA 2019 Training https://www.nowsecure.com/event/advanced-frida-and-radare-a-hackers-delight/

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.

This repo aims at providing practical examples on how to use r2frida

A more or less universal SSL unpinning tool for iOS

This Python script can be used to bypass IP source restrictions using HTTP headers.

One-click installer for Frida and Burp certs for SSL Pinning bypass

Radare2 and Frida better together.

A Frida script to disable SSL certificate pinning in a target application

Bug's feed is a local hosted portal where you can search for the latest news, videos, CVEs, vulnerabilities...

The fastest way to test/generate/renew Let's Encrypt SSL certificates!!! Requires root access and a live webserver to run the script at.

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Find endpoints on GitHub.

OpenSSH remote DOS exploit and vulnerable container

Mass querying whois records

All the mono c exports, ready to be used in frida!

Tool to automate the process of embedding dynamic libraries into iOS applications from GNU/Linux

A set of tools to work on Akamai v1 anti-bot solution. Current supported version: 1.70

Boxer: A fast directory bruteforce tool written in Python with concurrency.

Inventus is a spider designed to find subdomains of a specific domain by crawling it and any subdomains it discovers.

MagicRecon is a powerful shell script to maximize the recon and data collection process of an objective and finding common vulnerabilities, all this saving the results obtained in an organized way in directories and with various formats.

Pass in a list of URLs with query strings, get back a unique list of URLs and query string combinations

JustEvadeBro, a cheat sheet which will aid you through AMSI/AV evasion & bypasses.

Tool for detecting violations of ordering axioms in qsort/bsearch callbacks.

Kali Intelligence Suite (KIS) shall aid in the fast, autonomous, central, and comprehensive collection of intelligence by executing standard penetration testing tools. The collected data is internally stored in a structured manner to allow the fast identification and visualisation of the collected information.

pure python remote adb scanner + nmap scan module

A replacement of "qsreplace", accepts URLs as standard input, replaces all query string values with user-supplied values and stdout.

Integrates OWASP Zed Attack Proxy reports into SonarQube

Script that automates the installation of the main tools used for web application penetration testing and Bug Bounty.

Build trust into your image by creating a blockchain certificate for it

Script to test open Akamai ARL vulnerability.

OWASP Juice Shop: Probably the most modern and sophisticated insecure web application

edurekanet.herokuapp.com/

A Reddit bot that reverses gifs

Fast and customizable vulnerability scanner For JIRA written in Python

📱🛠 iOS Development Certificates

EasyBuggy clone built on Django

stealthy UM <-> KM communication system without creating any system threads, permanent hooks, driver objects, section objects or device objects.