BadintentIntercept, modify, repeat and attack Android's Binder transactions using Burp Suite
Stars: ✭ 303 (-4.11%)
AppmonDocumentation:
Stars: ✭ 1,157 (+266.14%)
dumproidAndroid process memory dump tool without ndk.
Stars: ✭ 55 (-82.59%)
Burp Molly ScannerTurn your Burp suite into headless active web application vulnerability scanner
Stars: ✭ 146 (-53.8%)
gsm-assessment-toolkitGSM Assessment Toolkit - A security evaluation framework for GSM networks
Stars: ✭ 60 (-81.01%)
Rms Runtime Mobile SecurityRuntime Mobile Security (RMS) 📱🔥 - is a powerful web interface that helps you to manipulate Android and iOS Apps at Runtime
Stars: ✭ 1,194 (+277.85%)
remote-adb-scanpure python remote adb scanner + nmap scan module
Stars: ✭ 19 (-93.99%)
JackhammerJackhammer - One Security vulnerability assessment/management tool to solve all the security team problems.
Stars: ✭ 633 (+100.32%)
Burp ExporterExporter is a Burp Suite extension to copy a request to the clipboard as multiple programming languages functions.
Stars: ✭ 122 (-61.39%)
U2cUnicode To Chinese -- U2C : A burpsuite Extender That Convert Unicode To Chinese 【Unicode编码转中文的burp插件】
Stars: ✭ 83 (-73.73%)
reFlutterFlutter Reverse Engineering Framework
Stars: ✭ 698 (+120.89%)
Awesome Mobile SecurityAn effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.
Stars: ✭ 1,837 (+481.33%)
mobileAuditDjango application that performs SAST and Malware Analysis for Android APKs
Stars: ✭ 140 (-55.7%)
Grapefruit(WIP) Runtime Application Instruments for iOS. Previously Passionfruit
Stars: ✭ 235 (-25.63%)
powerauth-mobile-sdkPowerAuth Mobile SDK for adds capability for authentication and transaction signing into the mobile apps (ios, watchos, android).
Stars: ✭ 27 (-91.46%)
Mobile Security Framework MobsfMobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
Stars: ✭ 10,212 (+3131.65%)
Headless BurpAutomate security tests using Burp Suite.
Stars: ✭ 192 (-39.24%)
burp-aem-scannerBurp Scanner extension to fingerprint and actively scan instances of the Adobe Experience Manager CMS. It checks the website for common misconfigurations and security holes.
Stars: ✭ 60 (-81.01%)
Jsonpjsonp is a Burp Extension which attempts to reveal JSONP functionality behind JSON endpoints. This could help reveal cross-site script inclusion vulnerabilities or aid in bypassing content security policies.
Stars: ✭ 131 (-58.54%)
Androl4bA Virtual Machine For Assessing Android applications, Reverse Engineering and Malware Analysis
Stars: ✭ 908 (+187.34%)
SwurgParse OpenAPI documents into Burp Suite for automating OpenAPI-based APIs security assessments (approved by PortSwigger for inclusion in their official BApp Store).
Stars: ✭ 94 (-70.25%)
OvaaOversecured Vulnerable Android App
Stars: ✭ 152 (-51.9%)
Burpsuite CollectionsBurpSuite收集:包括不限于 Burp 文章、破解版、插件(非BApp Store)、汉化等相关教程,欢迎添砖加瓦---burpsuite-pro burpsuite-extender burpsuite cracked-version hackbar hacktools fuzzing fuzz-testing burp-plugin burp-extensions bapp-store brute-force-attacks brute-force-passwords waf sqlmap jar
Stars: ✭ 1,081 (+242.09%)
BurpbountyBurp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules through a very intuitive graphical interface.
Stars: ✭ 1,026 (+224.68%)
Hacker101Source code for Hacker101.com - a free online web and mobile security class.
Stars: ✭ 12,246 (+3775.32%)
IosreextensionA fast and elegant extension for VSCode used for iOSre projects.
Stars: ✭ 139 (-56.01%)
AppAuth-OAuth2-Books-DemoA companion repo for the blog article: https://blog.approov.io/adding-oauth2-to-mobile-android-and-ios-clients-using-the-appauth-sdk
Stars: ✭ 22 (-93.04%)
burp-wildcardBurp extension intended to compact Burp extension tabs by hijacking them to own tab.
Stars: ✭ 119 (-62.34%)
powerauth-cryptoPowerAuth - Open-source solution for authentication, secure data storage and transport security in mobile banking.
Stars: ✭ 48 (-84.81%)
Gda Android Reversing ToolGDA is a new fast and powerful decompiler in C++(working without Java VM) for the APK, DEX, ODEX, OAT, JAR, AAR, and CLASS file. which supports malicious behavior detection, privacy leaking detection, vulnerability detection, path solving, packer identification, variable tracking, deobfuscation, python&java scripts, device memory extraction, dat…
Stars: ✭ 2,332 (+637.97%)
SDR-DetectorGSM Scanner, RTL-SDR, StingWatch, Meteor
Stars: ✭ 56 (-82.28%)
VyapiVyAPI - A cloud based vulnerable hybrid Android App
Stars: ✭ 75 (-76.27%)
allsafeIntentionally vulnerable Android application.
Stars: ✭ 135 (-57.28%)
Vscode FridaUnofficial frida extension for VSCode
Stars: ✭ 221 (-30.06%)
PwnbackBurp Extender plugin that generates a sitemap of a website using Wayback Machine
Stars: ✭ 203 (-35.76%)
PivaaCreated by High-Tech Bridge, the Purposefully Insecure and Vulnerable Android Application (PIVAA) replaces outdated DIVA for benchmark of mobile vulnerability scanners.
Stars: ✭ 71 (-77.53%)
MinesweeperA Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).
Stars: ✭ 162 (-48.73%)
mobiletrackersA repository of telemetry domains and URLs used by mobile location tracking, user profiling, targeted marketing and aggressive ads libraries.
Stars: ✭ 118 (-62.66%)
Burpsuite XkeysA Burp Suite Extension to extract interesting strings (key, secret, token, or etc.) from a webpage.
Stars: ✭ 144 (-54.43%)
EvabsAn open source Android application that is intentionally vulnerable so as to act as a learning platform for Android application security beginners.
Stars: ✭ 173 (-45.25%)
Struts2 RceA Burp Extender for checking for struts 2 RCE vulnerabilities.
Stars: ✭ 114 (-63.92%)
StacoanStaCoAn is a crossplatform tool which aids developers, bugbounty hunters and ethical hackers performing static code analysis on mobile applications.
Stars: ✭ 707 (+123.73%)
CstcCSTC is a Burp Suite extension that allows request/response modification using a GUI analogous to CyberChef
Stars: ✭ 91 (-71.2%)
Mssqli DuetSQL injection script for MSSQL that extracts domain users from an Active Directory environment based on RID bruteforcing
Stars: ✭ 82 (-74.05%)
Dexcalibur[Official] Android reverse engineering tool focused on dynamic instrumentation automation. Powered by Frida. It disassembles dex, analyzes it statically, generates hooks, discovers reflected methods, stores intercepted data and does new things from it. Its aim is to be an all-in-one Android reverse engineering platform.
Stars: ✭ 512 (+62.03%)
ApkleaksScanning APK file for URIs, endpoints & secrets.
Stars: ✭ 2,707 (+756.65%)
grapefruit(WIP) Runtime Application Instruments for iOS. Previously Passionfruit
Stars: ✭ 633 (+100.32%)
burp-token-rewriteBurp extension for automated handling of CSRF tokens
Stars: ✭ 15 (-95.25%)
mobilehacktoolsA repository for scripting a mobile attack toolchain
Stars: ✭ 61 (-80.7%)
AdhritAndroid Security Suite for in-depth reconnaissance and static bytecode analysis based on Ghera benchmarks.
Stars: ✭ 399 (+26.27%)
Log Requests To SqliteBURP extension to record every HTTP request send via BURP and create an audit trail log of an assessment.
Stars: ✭ 44 (-86.08%)