397 Open source projects that are alternatives of or similar to Damn-Vulnerable-Bank

Detects the algorithm of input JWT Token and provide options to generate the new JWT token based on the user selected algorithm.

Burp Extension for testing authorization issues. Automated request repeating and parameter value extraction on the fly.

Capture-the-Flag (CTF) environment setup tools for OWASP Juice Shop supporting CTFd, FBCTF and RootTheBox

GitHub Action to set up Fortify ScanCentral Client

A simple PHP application to learn SQL Injection detection and exploitation techniques.

CWAC-NetSecurity: Simplifying Secure Internet Access

Unlock an Android phone (or device) by bruteforcing the lockscreen PIN. Turn your Kali Nethunter phone into a bruteforce PIN cracker for Android devices! (no root, no adb)

Reverse Engineering Resources About All Platforms(Windows/Linux/macOS/Android/iOS/IoT) And Every Aspect! (More than 3500 open source tools and 2300 posts&videos)

Static Application Security Testing (SAST) engine focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilities right in the source code, focused on a agile and easy to implement software inside your DevOps pipeline. Support the following technologies: Java (Maven and Android), Kotlin (Android), Swift (iOS), .NET Full Framework, C#, and Javascript (Node.js).

Android Security Resources.

memory search and patch tool on debuggable apk without root & ndk

Android library to reveal or obfuscate strings and assets at runtime

Oversecured Vulnerable Android App

Scanning APK file for URIs, endpoints & secrets.

Swiss army knife for identifying and fingerprinting Android devices.

"Opening Pandora's Box through ATFuzzer: Dynamic Analysis of AT Interface for Android Smartphones" ACSAC 2019

An effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.

An app showcase of some techniques to improve Android app security

Android apk/sdk Scan包括android apk/sdk 安全审计代码扫描以及国内政策扫描

[OUTDATED & UNSUPPORTED] Droid Watcher - Android Spy Application

Android Mobile Device Hardening

Runtime Mobile Security (RMS) 📱🔥 - is a powerful web interface that helps you to manipulate Android and iOS Apps at Runtime

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.

axplorer - Android Permission Mappings

👓 Every link ever to Android Developer site.

PINkman is a library to help implementing an authentication by a PIN code in a secure manner. The library derives hash from the user's PIN using Argon2 function and stores it in an encrypted file. The file is encrypted with the AES-256 algorithm in the GCM mode and keys are stored in the AndroidKeystore.

android proxy setting tool

Radare2 and Frida better together.

[Official] Android reverse engineering tool focused on dynamic instrumentation automation. Powered by Frida. It disassembles dex, analyzes it statically, generates hooks, discovers reflected methods, stores intercepted data and does new things from it. Its aim is to be an all-in-one Android reverse engineering platform.

A curated list of Android Security materials and resources For Pentesters and Bug Hunters

软件安全工程师技能表

Android Security Suite for in-depth reconnaissance and static bytecode analysis based on Ghera benchmarks.

A vulnerable Android application that shows simple examples of vulnerabilities in a ctf style.

CWAC-Security: Helping You Help Your Users Defend Their Data

ndk进行简单的签名校验，密钥保护demo,android应用签名校验

Verify your In-App Purchase receipts & protect your Apps from hacking, patching used by Piracy Apps like Lucky Patcher.

OWASP VulnerableApp Project: For Security Enthusiasts by Security Enthusiasts.