83 Open source projects that are alternatives of or similar to apkutil

Memory modification tool for re-signed ipa supports iOS apps running on iPhone and Apple Silicon Mac without jailbreaking.

A vulnerable Android application that shows simple examples of vulnerabilities in a ctf style.

memory search and patch tool on debuggable apk without root & ndk

android proxy setting tool

Swiss army knife for identifying and fingerprinting Android devices.

A curated list of Android Security materials and resources For Pentesters and Bug Hunters

CWAC-Security: Helping You Help Your Users Defend Their Data

Django application that performs SAST and Malware Analysis for Android APKs

Reverse Engineering Resources About All Platforms(Windows/Linux/macOS/Android/iOS/IoT) And Every Aspect! (More than 3500 open source tools and 2300 posts&videos)

Android apk/sdk Scan包括android apk/sdk 安全审计代码扫描以及国内政策扫描

Automated Adversary Emulation Platform

A big list of Android Hackerone disclosed reports and other resources.

Oversecured Vulnerable Android App

Android Security Suite for in-depth reconnaissance and static bytecode analysis based on Ghera benchmarks.

CWAC-NetSecurity: Simplifying Secure Internet Access

Verify your In-App Purchase receipts & protect your Apps from hacking, patching used by Piracy Apps like Lucky Patcher.

An effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.

A WebAuthn Authenticator for Android leveraging hardware-backed key storage and biometric user verification.

Safelog4j is an instrumentation-based security tool to help teams discover, verify, and solve log4shell vulnerabilities without scanning or upgrading

Android Mobile Device Hardening

Awesome Java Security Resources 🕶☕🔐

Chain Reactor is an open source framework for composing executables that simulate adversary behaviors and techniques on Linux endpoints.

Methodology for high-quality web application security testing - https://github.com/tprynn/web-methodology/wiki

Android Security Resources.

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.

用cel-go重现了长亭xray的poc检测功能的轮子

Radare2 and Frida better together.

Android library to reveal or obfuscate strings and assets at runtime

[Official] Android reverse engineering tool focused on dynamic instrumentation automation. Powered by Frida. It disassembles dex, analyzes it statically, generates hooks, discovers reflected methods, stores intercepted data and does new things from it. Its aim is to be an all-in-one Android reverse engineering platform.

Сборная солянка полезных ссылок для QA/тестировщика. Ссылки будут постоянно пополняться.

软件安全工程师技能表

Scanning APK file for URIs, endpoints & secrets.

kunpeng是一个Golang编写的开源POC框架/库，以动态链接库的形式提供各种语言调用，通过此项目可快速开发漏洞检测类的系统。

pure python remote adb scanner + nmap scan module

ndk进行简单的签名校验，密钥保护demo,android应用签名校验

"Opening Pandora's Box through ATFuzzer: Dynamic Analysis of AT Interface for Android Smartphones" ACSAC 2019

Damn Vulnerable Bank is designed to be an intentionally vulnerable android application. This provides an interface to assess your android application security hacking skills.

Unlock an Android phone (or device) by bruteforcing the lockscreen PIN. Turn your Kali Nethunter phone into a bruteforce PIN cracker for Android devices! (no root, no adb)

Android process memory dump tool without ndk.

An app showcase of some techniques to improve Android app security

Biometric factors allow for secure authentication on the Android platform.

👓 Every link ever to Android Developer site.

PROJECT DELTA: SDN SECURITY EVALUATION FRAMEWORK

Fuzz your Rust code with Google-developed Honggfuzz !

[OUTDATED & UNSUPPORTED] Droid Watcher - Android Spy Application

This is my OSCP cheat sheet made by combining a lot of different resources online with a little bit of tweaking. I used this cheat sheet during my exam (Fri, 13 Sep 2019) and during the labs. I can proudly say it helped me pass so I hope it can help you as well ! Good Luck and Try Harder

Static Application Security Testing (SAST) engine focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilities right in the source code, focused on a agile and easy to implement software inside your DevOps pipeline. Support the following technologies: Java (Maven and Android), Kotlin (Android), Swift (iOS), .NET Full Framework, C#, and Javascript (Node.js).

Custom memory allocator that helps discover reads from uninitialized memory

Runtime Mobile Security (RMS) 📱🔥 - is a powerful web interface that helps you to manipulate Android and iOS Apps at Runtime

Metasploit Cheat Sheet 💣

See adversary, do adversary: Simple execution of commands for defensive tuning/research (now with more ELF on the shelf)

This project intends to provide a series of tools to craft, parse, send, analyze and crack a set of LoRaWAN packets in order to audit or pentest the security of a LoraWAN infrastructure.

axplorer - Android Permission Mappings

A Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.

Swiss army knife for identifying and fingerprinting Android devices.

Gets in the way of your victim's traffic and out of yours

A repository for scripting a mobile attack toolchain

An open source Android application that is intentionally vulnerable so as to act as a learning platform for Android application security beginners.

PINkman is a library to help implementing an authentication by a PIN code in a secure manner. The library derives hash from the user's PIN using Argon2 function and stores it in an encrypted file. The file is encrypted with the AES-256 algorithm in the GCM mode and keys are stored in the AndroidKeystore.

📚 Overview 🔒 Tooling 🔒 Process 🔒 Physical 🔒 People 📚