mobileAuditDjango application that performs SAST and Malware Analysis for Android APKs
Stars: ✭ 140 (-98.63%)
ApkleaksScanning APK file for URIs, endpoints & secrets.
Stars: ✭ 2,707 (-73.49%)
R2fridaRadare2 and Frida better together.
Stars: ✭ 610 (-94.03%)
aparoidStatic and dynamic Android application security analysis
Stars: ✭ 62 (-99.39%)
ApicheckThe DevSecOps toolset for REST APIs
Stars: ✭ 184 (-98.2%)
AdhritAndroid Security Suite for in-depth reconnaissance and static bytecode analysis based on Ghera benchmarks.
Stars: ✭ 399 (-96.09%)
Sbt Dependency CheckSBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs). 🌈
Stars: ✭ 187 (-98.17%)
Awesome Mobile SecurityAn effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.
Stars: ✭ 1,837 (-82.01%)
EngineDroidefense: Advance Android Malware Analysis Framework
Stars: ✭ 386 (-96.22%)
SaferwallA hackable malware sandbox for the 21st Century
Stars: ✭ 419 (-95.9%)
HabomalhunterHaboMalHunter is a sub-project of Habo Malware Analysis System (https://habo.qq.com), which can be used for automated malware analysis and security assessment on the Linux system.
Stars: ✭ 627 (-93.86%)
Find Sec BugsThe SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala projects)
Stars: ✭ 1,748 (-82.88%)
InsiderStatic Application Security Testing (SAST) engine focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilities right in the source code, focused on a agile and easy to implement software inside your DevOps pipeline. Support the following technologies: Java (Maven and Android), Kotlin (Android), Swift (iOS), .NET Full Framework, C#, and Javascript (Node.js).
Stars: ✭ 216 (-97.88%)
Dexcalibur[Official] Android reverse engineering tool focused on dynamic instrumentation automation. Powered by Frida. It disassembles dex, analyzes it statically, generates hooks, discovers reflected methods, stores intercepted data and does new things from it. Its aim is to be an all-in-one Android reverse engineering platform.
Stars: ✭ 512 (-94.99%)
SDASDA is a rich cross-platform tool for reverse engineering that focused firstly on analysis of computer games. I'm trying to create a mix of the Ghidra, Cheat Engine and x64dbg. My tool will combine static and dynamic analysis of programs. Now SDA is being developed.
Stars: ✭ 98 (-99.04%)
lunasecLunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTrace GitHub App: https://github.com/marketplace/lunatrace-by-lunasec/
Stars: ✭ 1,261 (-87.65%)
remote-adb-scanpure python remote adb scanner + nmap scan module
Stars: ✭ 19 (-99.81%)
allsafeIntentionally vulnerable Android application.
Stars: ✭ 135 (-98.68%)
guardrailsguardrails.cs.virginia.edu
Stars: ✭ 18 (-99.82%)
dumproidAndroid process memory dump tool without ndk.
Stars: ✭ 55 (-99.46%)
sonarqube-actionIntegrate SonarQube scanner to GitHub Actions
Stars: ✭ 90 (-99.12%)
cwe-toolA command line CWE discovery tool based on OWASP / CAPSEC database of Common Weakness Enumeration.
Stars: ✭ 40 (-99.61%)
HttpieAs easy as /aitch-tee-tee-pie/ 🥧 Modern, user-friendly command-line HTTP client for the API era. JSON support, colors, sessions, downloads, plugins & more. https://twitter.com/httpie
Stars: ✭ 53,052 (+419.51%)
pyc2bytecodeA Python Bytecode Disassembler helping reverse engineers in dissecting Python binaries by disassembling and analyzing the compiled python byte-code(.pyc) files across all python versions (including Python 3.10.*)
Stars: ✭ 70 (-99.31%)
zap-sonar-pluginIntegrates OWASP Zed Attack Proxy reports into SonarQube
Stars: ✭ 66 (-99.35%)
interceptINTERCEPT / Policy as Code Static Analysis Auditing / SAST
Stars: ✭ 54 (-99.47%)
rair-coreRAIR: RAdare In Rust
Stars: ✭ 63 (-99.38%)
ethereum-dasmAn ethereum evm bytecode disassembler and static/dynamic analysis tool
Stars: ✭ 121 (-98.82%)
dependency-track-maven-pluginMaven plugin that integrates with a Dependency Track server to submit dependency manifests and optionally fail execution when vulnerable dependencies are found.
Stars: ✭ 28 (-99.73%)
jitanaA graph-based static-dynamic hybrid DEX code analysis tool
Stars: ✭ 35 (-99.66%)
ServerestAPIs REST simulando loja virtual para servir de estudo de testes de API de forma manual ou automatizada
Stars: ✭ 223 (-97.82%)
r2frida-bookThe radare2 + frida book for Mobile Application assessment
Stars: ✭ 38 (-99.63%)
aws-firewall-factoryDeploy, update, and stage your WAFs while managing them centrally via FMS.
Stars: ✭ 72 (-99.29%)
cwe-sdk-javascriptA Common Weakness Enumeration (CWE) Node.js SDK compliant with MITRE / CAPEC
Stars: ✭ 18 (-99.82%)
tiroTIRO - A hybrid iterative deobfuscation framework for Android applications
Stars: ✭ 20 (-99.8%)
opemOPEM (Open Source PEM Fuel Cell Simulation Tool)
Stars: ✭ 107 (-98.95%)
malossTowards Measuring Supply Chain Attacks on Package Managers for Interpreted Languages
Stars: ✭ 46 (-99.55%)
MalScanA Simple PE File Heuristics Scanners
Stars: ✭ 41 (-99.6%)
mobsf-ciAll that is required to run MobSF in the ci
Stars: ✭ 37 (-99.64%)
freki🐺 Malware analysis platform
Stars: ✭ 327 (-96.8%)
Freki🐺 Malware analysis platform
Stars: ✭ 285 (-97.21%)
static file analysisAnalysis of file (doc, pdf, exe, ...) in deep (emmbedded file(s)) with clamscan and yara rules
Stars: ✭ 34 (-99.67%)
SecurecodeboxsecureCodeBox (SCB) - continuous secure delivery out of the box
Stars: ✭ 279 (-97.27%)
MedusaBinary instrumentation framework based on FRIDA
Stars: ✭ 258 (-97.47%)
EnlightnYour performance & security consultant, an artisan command away.
Stars: ✭ 378 (-96.3%)
qodana-action⚙️ Scan your Java, Kotlin, PHP, Python, JavaScript, TypeScript projects at GitHub with Qodana
Stars: ✭ 112 (-98.9%)
InjuredandroidA vulnerable Android application that shows simple examples of vulnerabilities in a ctf style.
Stars: ✭ 317 (-96.9%)
GlueApplication Security Automation
Stars: ✭ 412 (-95.97%)
CrosshairAn analysis tool for Python that blurs the line between testing and type systems.
Stars: ✭ 586 (-94.26%)
AndromedaAndromeda - Interactive Reverse Engineering Tool for Android Applications
Stars: ✭ 627 (-93.86%)
Security Code ScanVulnerability Patterns Detector for C# and VB.NET
Stars: ✭ 550 (-94.61%)
JackhammerJackhammer - One Security vulnerability assessment/management tool to solve all the security team problems.
Stars: ✭ 633 (-93.8%)
Dependency TrackDependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
Stars: ✭ 718 (-92.97%)