337 Open source projects that are alternatives of or similar to mobilehacktools

pure python remote adb scanner + nmap scan module

Data leak checker & OSINT Tool

Jackhammer - One Security vulnerability assessment/management tool to solve all the security team problems.

Android process memory dump tool without ndk.

Vagrant VirtualBox environment for conducting an internal network penetration test

Documentation:

Oversecured Vulnerable iOS App

Testowanie oprogramowania - Książka dla początkujących testerów

RunasCs - Csharp and open version of windows builtin runas.exe

Intercept, modify, repeat and attack Android's Binder transactions using Burp Suite

Django application that performs SAST and Malware Analysis for Android APKs

大型内网渗透扫描器&Cobalt Strike，Ladon8.9内置120个模块，包含信息收集/存活主机/端口扫描/服务识别/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2，密码口令爆破(Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm),远程执行命令(smbexec/wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem，Poc/Exploit,支持Cobalt Strike 3.X-4.0

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.

PowerAuth Mobile SDK for adds capability for authentication and transaction signing into the mobile apps (ios, watchos, android).

Oversecured Vulnerable Android App

(WIP) Runtime Application Instruments for iOS. Previously Passionfruit

A Virtual Machine For Assessing Android applications, Reverse Engineering and Malware Analysis

Ary 是一个集成类工具，主要用于调用各种安全工具，从而形成便捷的一键式渗透。

(WIP) Runtime Application Instruments for iOS. Previously Passionfruit

Patator is a multi-purpose brute-forcer, with a modular design and a flexible usage.

A Collection of Secure Mobile Development Best Practices

This is my OSCP cheat sheet made by combining a lot of different resources online with a little bit of tweaking. I used this cheat sheet during my exam (Fri, 13 Sep 2019) and during the labs. I can proudly say it helped me pass so I hope it can help you as well ! Good Luck and Try Harder

An effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.

A list of useful payloads for Web Application Security and Pentest/CTF

Flutter Reverse Engineering Framework

PowerAuth - Open-source solution for authentication, secure data storage and transport security in mobile banking.

A stealthy Python based Windows backdoor that uses Github as a command and control server

VyAPI - A cloud based vulnerable hybrid Android App

log for articles and info in android for every developer

An open source Android application that is intentionally vulnerable so as to act as a learning platform for Android application security beginners.

GSM Scanner, RTL-SDR, StingWatch, Meteor

Created by High-Tech Bridge, the Purposefully Insecure and Vulnerable Android Application (PIVAA) replaces outdated DIVA for benchmark of mobile vulnerability scanners.

Intentionally vulnerable Android application.

A cli for cracking, testing vulnerabilities on Json Web Token(JWT)

Intercept, modify, repeat and attack Android's Binder transactions using Burp Suite

Hand-crafted Frida examples

A repository of telemetry domains and URLs used by mobile location tracking, user profiling, targeted marketing and aggressive ads libraries.

Scanning APK file for URIs, endpoints & secrets.

Various analysis of Android stalkerware

StaCoAn is a crossplatform tool which aids developers, bugbounty hunters and ethical hackers performing static code analysis on mobile applications.

Git All the Payloads! A collection of web attack payloads.

A collection of awesome API Security tools and resources. The focus goes to open-source tools and resources that benefit all the community.

A collection of pentest tools and resources targeting Hadoop environments

[Official] Android reverse engineering tool focused on dynamic instrumentation automation. Powered by Frida. It disassembles dex, analyzes it statically, generates hooks, discovers reflected methods, stores intercepted data and does new things from it. Its aim is to be an all-in-one Android reverse engineering platform.

PENTEST-WIKI is a free online security knowledge library for pentesters / researchers. If you have a good idea, please share it with others.

A fast and elegant extension for VSCode used for iOSre projects.

A poorman's proxycannon and botnet, using docker, ovpn files, and a dante socks5 proxy

Android Security Suite for in-depth reconnaissance and static bytecode analysis based on Ghera benchmarks.

Its a framework filled with alot of options and hacking tools you use directly in the script from brute forcing to payload making im still adding more stuff i now have another tool out called htkl-lite its hackers-tool-kit just not as big and messy to see updates check on my instagram @tuf_unkn0wn or if there are any problems message me on instagram

Unofficial frida extension for VSCode

Cloudlist is a tool for listing Assets from multiple Cloud Providers.

Source code for Hacker101.com - a free online web and mobile security class.

Modern alternative to dirbuster/dirb

GDA is a new fast and powerful decompiler in C++(working without Java VM) for the APK, DEX, ODEX, OAT, JAR, AAR, and CLASS file. which supports malicious behavior detection, privacy leaking detection, vulnerability detection, path solving, packer identification, variable tracking, deobfuscation, python&java scripts, device memory extraction, dat…

A companion repo for the blog article: https://blog.approov.io/adding-oauth2-to-mobile-android-and-ios-clients-using-the-appauth-sdk

Keyscope is a key and secret workflow (validation, invalidation, etc.) tool built in Rust

TryHackMe CTFs writeups, notes, drafts, scrabbles, files and solutions.

Mobile penetration testing android & iOS command cheatsheet

Runtime Mobile Security (RMS) 📱🔥 - is a powerful web interface that helps you to manipulate Android and iOS Apps at Runtime

GSM Assessment Toolkit - A security evaluation framework for GSM networks