remote-adb-scanpure python remote adb scanner + nmap scan module
Stars: ✭ 19 (-68.85%)
OblivionData leak checker & OSINT Tool
Stars: ✭ 237 (+288.52%)
JackhammerJackhammer - One Security vulnerability assessment/management tool to solve all the security team problems.
Stars: ✭ 633 (+937.7%)
dumproidAndroid process memory dump tool without ndk.
Stars: ✭ 55 (-9.84%)
Capsulecorp PentestVagrant VirtualBox environment for conducting an internal network penetration test
Stars: ✭ 214 (+250.82%)
AppmonDocumentation:
Stars: ✭ 1,157 (+1796.72%)
RunascsRunasCs - Csharp and open version of windows builtin runas.exe
Stars: ✭ 216 (+254.1%)
BadintentIntercept, modify, repeat and attack Android's Binder transactions using Burp Suite
Stars: ✭ 303 (+396.72%)
mobileAuditDjango application that performs SAST and Malware Analysis for Android APKs
Stars: ✭ 140 (+129.51%)
Ladon大型内网渗透扫描器&Cobalt Strike,Ladon8.9内置120个模块,包含信息收集/存活主机/端口扫描/服务识别/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2,密码口令爆破(Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm),远程执行命令(smbexec/wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem,Poc/Exploit,支持Cobalt Strike 3.X-4.0
Stars: ✭ 2,911 (+4672.13%)
Mobile Security Framework MobsfMobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
Stars: ✭ 10,212 (+16640.98%)
powerauth-mobile-sdkPowerAuth Mobile SDK for adds capability for authentication and transaction signing into the mobile apps (ios, watchos, android).
Stars: ✭ 27 (-55.74%)
OvaaOversecured Vulnerable Android App
Stars: ✭ 152 (+149.18%)
grapefruit(WIP) Runtime Application Instruments for iOS. Previously Passionfruit
Stars: ✭ 633 (+937.7%)
Androl4bA Virtual Machine For Assessing Android applications, Reverse Engineering and Malware Analysis
Stars: ✭ 908 (+1388.52%)
AryAry 是一个集成类工具,主要用于调用各种安全工具,从而形成便捷的一键式渗透。
Stars: ✭ 241 (+295.08%)
Grapefruit(WIP) Runtime Application Instruments for iOS. Previously Passionfruit
Stars: ✭ 235 (+285.25%)
PatatorPatator is a multi-purpose brute-forcer, with a modular design and a flexible usage.
Stars: ✭ 2,792 (+4477.05%)
Oscp Cheat SheetThis is my OSCP cheat sheet made by combining a lot of different resources online with a little bit of tweaking. I used this cheat sheet during my exam (Fri, 13 Sep 2019) and during the labs. I can proudly say it helped me pass so I hope it can help you as well ! Good Luck and Try Harder
Stars: ✭ 216 (+254.1%)
Awesome Mobile SecurityAn effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.
Stars: ✭ 1,837 (+2911.48%)
BerserkerA list of useful payloads for Web Application Security and Pentest/CTF
Stars: ✭ 212 (+247.54%)
reFlutterFlutter Reverse Engineering Framework
Stars: ✭ 698 (+1044.26%)
powerauth-cryptoPowerAuth - Open-source solution for authentication, secure data storage and transport security in mobile banking.
Stars: ✭ 48 (-21.31%)
CanisrufusA stealthy Python based Windows backdoor that uses Github as a command and control server
Stars: ✭ 207 (+239.34%)
VyapiVyAPI - A cloud based vulnerable hybrid Android App
Stars: ✭ 75 (+22.95%)
EvabsAn open source Android application that is intentionally vulnerable so as to act as a learning platform for Android application security beginners.
Stars: ✭ 173 (+183.61%)
SDR-DetectorGSM Scanner, RTL-SDR, StingWatch, Meteor
Stars: ✭ 56 (-8.2%)
PivaaCreated by High-Tech Bridge, the Purposefully Insecure and Vulnerable Android Application (PIVAA) replaces outdated DIVA for benchmark of mobile vulnerability scanners.
Stars: ✭ 71 (+16.39%)
allsafeIntentionally vulnerable Android application.
Stars: ✭ 135 (+121.31%)
MyJWTA cli for cracking, testing vulnerabilities on Json Web Token(JWT)
Stars: ✭ 92 (+50.82%)
BadIntentIntercept, modify, repeat and attack Android's Binder transactions using Burp Suite
Stars: ✭ 316 (+418.03%)
mobiletrackersA repository of telemetry domains and URLs used by mobile location tracking, user profiling, targeted marketing and aggressive ads libraries.
Stars: ✭ 118 (+93.44%)
ApkleaksScanning APK file for URIs, endpoints & secrets.
Stars: ✭ 2,707 (+4337.7%)
StacoanStaCoAn is a crossplatform tool which aids developers, bugbounty hunters and ethical hackers performing static code analysis on mobile applications.
Stars: ✭ 707 (+1059.02%)
PayloadsGit All the Payloads! A collection of web attack payloads.
Stars: ✭ 2,862 (+4591.8%)
awesome-api-securityA collection of awesome API Security tools and resources. The focus goes to open-source tools and resources that benefit all the community.
Stars: ✭ 2,079 (+3308.2%)
Hadoop Attack LibraryA collection of pentest tools and resources targeting Hadoop environments
Stars: ✭ 228 (+273.77%)
Dexcalibur[Official] Android reverse engineering tool focused on dynamic instrumentation automation. Powered by Frida. It disassembles dex, analyzes it statically, generates hooks, discovers reflected methods, stores intercepted data and does new things from it. Its aim is to be an all-in-one Android reverse engineering platform.
Stars: ✭ 512 (+739.34%)
Pentest WikiPENTEST-WIKI is a free online security knowledge library for pentesters / researchers. If you have a good idea, please share it with others.
Stars: ✭ 2,668 (+4273.77%)
IosreextensionA fast and elegant extension for VSCode used for iOSre projects.
Stars: ✭ 139 (+127.87%)
DoxycannonA poorman's proxycannon and botnet, using docker, ovpn files, and a dante socks5 proxy
Stars: ✭ 216 (+254.1%)
AdhritAndroid Security Suite for in-depth reconnaissance and static bytecode analysis based on Ghera benchmarks.
Stars: ✭ 399 (+554.1%)
Hackers Tool KitIts a framework filled with alot of options and hacking tools you use directly in the script from brute forcing to payload making im still adding more stuff i now have another tool out called htkl-lite its hackers-tool-kit just not as big and messy to see updates check on my instagram @tuf_unkn0wn or if there are any problems message me on instagram
Stars: ✭ 211 (+245.9%)
Vscode FridaUnofficial frida extension for VSCode
Stars: ✭ 221 (+262.3%)
CloudlistCloudlist is a tool for listing Assets from multiple Cloud Providers.
Stars: ✭ 207 (+239.34%)
Hacker101Source code for Hacker101.com - a free online web and mobile security class.
Stars: ✭ 12,246 (+19975.41%)
DirstalkModern alternative to dirbuster/dirb
Stars: ✭ 210 (+244.26%)
Gda Android Reversing ToolGDA is a new fast and powerful decompiler in C++(working without Java VM) for the APK, DEX, ODEX, OAT, JAR, AAR, and CLASS file. which supports malicious behavior detection, privacy leaking detection, vulnerability detection, path solving, packer identification, variable tracking, deobfuscation, python&java scripts, device memory extraction, dat…
Stars: ✭ 2,332 (+3722.95%)
AppAuth-OAuth2-Books-DemoA companion repo for the blog article: https://blog.approov.io/adding-oauth2-to-mobile-android-and-ios-clients-using-the-appauth-sdk
Stars: ✭ 22 (-63.93%)
keyscopeKeyscope is a key and secret workflow (validation, invalidation, etc.) tool built in Rust
Stars: ✭ 369 (+504.92%)
tryhackme-ctfTryHackMe CTFs writeups, notes, drafts, scrabbles, files and solutions.
Stars: ✭ 140 (+129.51%)
Rms Runtime Mobile SecurityRuntime Mobile Security (RMS) 📱🔥 - is a powerful web interface that helps you to manipulate Android and iOS Apps at Runtime
Stars: ✭ 1,194 (+1857.38%)
gsm-assessment-toolkitGSM Assessment Toolkit - A security evaluation framework for GSM networks
Stars: ✭ 60 (-1.64%)