ipa-meditMemory modification tool for re-signed ipa supports iOS apps running on iPhone and Apple Silicon Mac without jailbreaking.
Stars: ✭ 141 (+171.15%)
InjuredandroidA vulnerable Android application that shows simple examples of vulnerabilities in a ctf style.
Stars: ✭ 317 (+509.62%)
Apk Meditmemory search and patch tool on debuggable apk without root & ndk
Stars: ✭ 189 (+263.46%)
Aproxandroid proxy setting tool
Stars: ✭ 34 (-34.62%)
Fingerprint AndroidSwiss army knife for identifying and fingerprinting Android devices.
Stars: ✭ 146 (+180.77%)
Awesome Android SecurityA curated list of Android Security materials and resources For Pentesters and Bug Hunters
Stars: ✭ 506 (+873.08%)
Cwac SecurityCWAC-Security: Helping You Help Your Users Defend Their Data
Stars: ✭ 294 (+465.38%)
mobileAuditDjango application that performs SAST and Malware Analysis for Android APKs
Stars: ✭ 140 (+169.23%)
Awesome Reverse EngineeringReverse Engineering Resources About All Platforms(Windows/Linux/macOS/Android/iOS/IoT) And Every Aspect! (More than 3500 open source tools and 2300 posts&videos)
Stars: ✭ 2,954 (+5580.77%)
CoeusAndroid apk/sdk Scan包括android apk/sdk 安全审计代码扫描以及国内政策扫描
Stars: ✭ 122 (+134.62%)
CalderaAutomated Adversary Emulation Platform
Stars: ✭ 3,126 (+5911.54%)
OvaaOversecured Vulnerable Android App
Stars: ✭ 152 (+192.31%)
AdhritAndroid Security Suite for in-depth reconnaissance and static bytecode analysis based on Ghera benchmarks.
Stars: ✭ 399 (+667.31%)
Cwac NetsecurityCWAC-NetSecurity: Simplifying Secure Internet Access
Stars: ✭ 239 (+359.62%)
CheckoutVerifierVerify your In-App Purchase receipts & protect your Apps from hacking, patching used by Piracy Apps like Lucky Patcher.
Stars: ✭ 48 (-7.69%)
Awesome Mobile SecurityAn effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.
Stars: ✭ 1,837 (+3432.69%)
android-webauthn-authenticatorA WebAuthn Authenticator for Android leveraging hardware-backed key storage and biometric user verification.
Stars: ✭ 101 (+94.23%)
safelog4jSafelog4j is an instrumentation-based security tool to help teams discover, verify, and solve log4shell vulnerabilities without scanning or upgrading
Stars: ✭ 38 (-26.92%)
AmdhAndroid Mobile Device Hardening
Stars: ✭ 95 (+82.69%)
Chain ReactorChain Reactor is an open source framework for composing executables that simulate adversary behaviors and techniques on Linux endpoints.
Stars: ✭ 206 (+296.15%)
Web MethodologyMethodology for high-quality web application security testing - https://github.com/tprynn/web-methodology/wiki
Stars: ✭ 142 (+173.08%)
Mobile Security Framework MobsfMobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
Stars: ✭ 10,212 (+19538.46%)
Gopoc用cel-go重现了长亭xray的poc检测功能的轮子
Stars: ✭ 124 (+138.46%)
R2fridaRadare2 and Frida better together.
Stars: ✭ 610 (+1073.08%)
AndroidlibraryAndroid library to reveal or obfuscate strings and assets at runtime
Stars: ✭ 162 (+211.54%)
Dexcalibur[Official] Android reverse engineering tool focused on dynamic instrumentation automation. Powered by Frida. It disassembles dex, analyzes it statically, generates hooks, discovers reflected methods, stores intercepted data and does new things from it. Its aim is to be an all-in-one Android reverse engineering platform.
Stars: ✭ 512 (+884.62%)
Links-QAСборная солянка полезных ссылок для QA/тестировщика. Ссылки будут постоянно пополняться.
Stars: ✭ 42 (-19.23%)
ApkleaksScanning APK file for URIs, endpoints & secrets.
Stars: ✭ 2,707 (+5105.77%)
Kunpengkunpeng是一个Golang编写的开源POC框架/库,以动态链接库的形式提供各种语言调用,通过此项目可快速开发漏洞检测类的系统。
Stars: ✭ 1,242 (+2288.46%)
remote-adb-scanpure python remote adb scanner + nmap scan module
Stars: ✭ 19 (-63.46%)
SecurityDemondk进行简单的签名校验,密钥保护demo,android应用签名校验
Stars: ✭ 22 (-57.69%)
Atfuzzer"Opening Pandora's Box through ATFuzzer: Dynamic Analysis of AT Interface for Android Smartphones" ACSAC 2019
Stars: ✭ 128 (+146.15%)
Damn-Vulnerable-BankDamn Vulnerable Bank is designed to be an intentionally vulnerable android application. This provides an interface to assess your android application security hacking skills.
Stars: ✭ 379 (+628.85%)
Android Pin BruteforceUnlock an Android phone (or device) by bruteforcing the lockscreen PIN. Turn your Kali Nethunter phone into a bruteforce PIN cracker for Android devices! (no root, no adb)
Stars: ✭ 217 (+317.31%)
dumproidAndroid process memory dump tool without ndk.
Stars: ✭ 55 (+5.77%)
Android SecurityAn app showcase of some techniques to improve Android app security
Stars: ✭ 125 (+140.38%)
Android Sitemap👓 Every link ever to Android Developer site.
Stars: ✭ 61 (+17.31%)
DeltaPROJECT DELTA: SDN SECURITY EVALUATION FRAMEWORK
Stars: ✭ 55 (+5.77%)
Honggfuzz RsFuzz your Rust code with Google-developed Honggfuzz !
Stars: ✭ 222 (+326.92%)
Droid Watcher[OUTDATED & UNSUPPORTED] Droid Watcher - Android Spy Application
Stars: ✭ 103 (+98.08%)
Oscp Cheat SheetThis is my OSCP cheat sheet made by combining a lot of different resources online with a little bit of tweaking. I used this cheat sheet during my exam (Fri, 13 Sep 2019) and during the labs. I can proudly say it helped me pass so I hope it can help you as well ! Good Luck and Try Harder
Stars: ✭ 216 (+315.38%)
InsiderStatic Application Security Testing (SAST) engine focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilities right in the source code, focused on a agile and easy to implement software inside your DevOps pipeline. Support the following technologies: Java (Maven and Android), Kotlin (Android), Swift (iOS), .NET Full Framework, C#, and Javascript (Node.js).
Stars: ✭ 216 (+315.38%)
LibdiffuzzCustom memory allocator that helps discover reads from uninitialized memory
Stars: ✭ 147 (+182.69%)
Rms Runtime Mobile SecurityRuntime Mobile Security (RMS) 📱🔥 - is a powerful web interface that helps you to manipulate Android and iOS Apps at Runtime
Stars: ✭ 1,194 (+2196.15%)
ezEmuSee adversary, do adversary: Simple execution of commands for defensive tuning/research (now with more ELF on the shelf)
Stars: ✭ 89 (+71.15%)
LafThis project intends to provide a series of tools to craft, parse, send, analyze and crack a set of LoRaWAN packets in order to audit or pentest the security of a LoraWAN infrastructure.
Stars: ✭ 119 (+128.85%)
Axploreraxplorer - Android Permission Mappings
Stars: ✭ 68 (+30.77%)
ResourcesA Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.
Stars: ✭ 62 (+19.23%)
fingerprintjs-androidSwiss army knife for identifying and fingerprinting Android devices.
Stars: ✭ 336 (+546.15%)
LauschgeraetGets in the way of your victim's traffic and out of yours
Stars: ✭ 25 (-51.92%)
mobilehacktoolsA repository for scripting a mobile attack toolchain
Stars: ✭ 61 (+17.31%)
EvabsAn open source Android application that is intentionally vulnerable so as to act as a learning platform for Android application security beginners.
Stars: ✭ 173 (+232.69%)
PinkmanPINkman is a library to help implementing an authentication by a PIN code in a secure manner. The library derives hash from the user's PIN using Argon2 function and stores it in an encrypted file. The file is encrypted with the AES-256 algorithm in the GCM mode and keys are stored in the AndroidKeystore.
Stars: ✭ 59 (+13.46%)