1413 Open source projects that are alternatives of or similar to Command Mobile Penetration Testing Cheatsheet

[Official] Android reverse engineering tool focused on dynamic instrumentation automation. Powered by Frida. It disassembles dex, analyzes it statically, generates hooks, discovers reflected methods, stores intercepted data and does new things from it. Its aim is to be an all-in-one Android reverse engineering platform.

This action uploads artifacts (.apk or .ipa) to Visual Studio App Center.

An effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.

Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

Decompile React Native Android/IOS Bundle.

Django application that performs SAST and Malware Analysis for Android APKs

A runtime mobile application analysis toolkit with a Web GUI, powered by Frida, written in Python.

Most usable tools for iOS penetration testing

Hand-crafted Frida examples

Android Security Suite for in-depth reconnaissance and static bytecode analysis based on Ghera benchmarks.

📱 objection - runtime mobile exploration

Android Apps, Roms and Platforms for Pentesting

A collection of my Frida.re instrumentation scripts to facilitate reverse engineering of mobile apps.

pure python remote adb scanner + nmap scan module

Cheat-Sheet of tools for penetration testing

Offensive Reverse Shell (Cheat Sheet)

OTA Server for both Android app and iOS app

一款适用于以HW行动/红队/渗透测试团队为场景的移动端(Android、iOS、WEB、H5、静态网站)信息收集扫描工具，可以帮助渗透测试工程师、攻击队成员、红队成员快速收集到移动端或者静态WEB站点中关键的资产信息并提供基本的信息输出,如：Title、Domain、CDN、指纹信息、状态信息等。

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

A Virtual Machine For Assessing Android applications, Reverse Engineering and Malware Analysis

Jackhammer - One Security vulnerability assessment/management tool to solve all the security team problems.

This action uploads artifacts (.apk or .ipa) to Firebase App Distribution.

my oscp prep collection

Wireshark Cheat Sheet

Quickly analyze and reverse engineer Android packages

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.

Scanning APK file for URIs, endpoints & secrets.

Teardown tool for mobile app (ipa, apk and aab file) and dSYM.zip file, analysis metedata like version, name, icon etc.

Collection of the cheat sheets useful for pentesting

The Mobile Application Security Verification Standard (MASVS) is a standard for mobile app security.

Runtime Mobile Security (RMS) 📱🔥 - is a powerful web interface that helps you to manipulate Android and iOS Apps at Runtime

iOS/Android app deployment tool for macOS

Patch iOS Apps, The Easy Way, Without Jailbreak.

基于frida的安卓hook框架，提供了很多frida自身不支持的功能，将hook安卓变成简单便捷，人人都会的事情

Intentionally vulnerable Android application.

(WIP) Runtime Application Instruments for iOS. Previously Passionfruit

A javascript parser for parsing .ipa or .apk files. IPA/APK文件 js 解析器

Documentation:

Testowanie oprogramowania - Książka dla początkujących testerów

🚀 AppDeploy is the fastest way to get info on your mobile app & deploy it OTA without specific server configuration

Spoof SSDP replies and create fake UPnP devices to phish for credentials and NetNTLM challenge/response.

A lightweight, scalable, mobile-first CSS framework

Apache Cordova Plugin contacts

Advanced Angular seed project with support for ngrx/store, ngrx/effects, ngx-translate, angulartics2, lodash, NativeScript (*native* mobile), Electron (Mac, Windows and Linux desktop) and more.

⌨️ Wordlists, Dictionaries and Other Data Sets for Writing Software Security Test Cases

✒ A self-hosted, cross-platform service to sign and install iOS apps, all without a computer

The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.

A polyfill for the sharing that can be used in desktop too, so your users can shere in their twitter, facebook, messenger, linkedin, sms, e-mail, print, telegram or whatsapp.

Helping junior developers navigate the complex world of software engineering without experiencing information overload.

🍹A static injector of dynamic library for application (android, iphoneos, macOS, windows, linux)

BottomSheet dialog library for Android

Android YOLO real time object detection sample application with Tensorflow mobile.

Guide, reference and cheatsheet on web scraping using rvest, httr and Rselenium.

JavaScript library for creating toggled off-canvas multi-level navigations, allowing endless nesting of submenu elements, supporting swipe gestures, keyboard interactions and ARIA attributes.

Custom bash scripts used to automate various penetration testing tasks including recon, scanning, parsing, and creating malicious payloads and listeners with Metasploit.

Apache Cordova Tooling Library

ZIO Cheat Sheet

Cheat sheets for various stuff