mobileAuditDjango application that performs SAST and Malware Analysis for Android APKs
Stars: ✭ 140 (-7.89%)
EvabsAn open source Android application that is intentionally vulnerable so as to act as a learning platform for Android application security beginners.
Stars: ✭ 173 (+13.82%)
Awesome Mobile SecurityAn effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.
Stars: ✭ 1,837 (+1108.55%)
Mobile Security Framework MobsfMobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
Stars: ✭ 10,212 (+6618.42%)
remote-adb-scanpure python remote adb scanner + nmap scan module
Stars: ✭ 19 (-87.5%)
AdhritAndroid Security Suite for in-depth reconnaissance and static bytecode analysis based on Ghera benchmarks.
Stars: ✭ 399 (+162.5%)
Dexcalibur[Official] Android reverse engineering tool focused on dynamic instrumentation automation. Powered by Frida. It disassembles dex, analyzes it statically, generates hooks, discovers reflected methods, stores intercepted data and does new things from it. Its aim is to be an all-in-one Android reverse engineering platform.
Stars: ✭ 512 (+236.84%)
Rms Runtime Mobile SecurityRuntime Mobile Security (RMS) 📱🔥 - is a powerful web interface that helps you to manipulate Android and iOS Apps at Runtime
Stars: ✭ 1,194 (+685.53%)
dumproidAndroid process memory dump tool without ndk.
Stars: ✭ 55 (-63.82%)
ApkleaksScanning APK file for URIs, endpoints & secrets.
Stars: ✭ 2,707 (+1680.92%)
Bag Of HoldingAn application to assist in the organization and prioritization of software security activities.
Stars: ✭ 114 (-25%)
ReapsawReapsaw is a continuous security devsecops tool, which helps in enabling security into CI/CD Pipeline. It supports coverage for multiple programming languages.
Stars: ✭ 37 (-75.66%)
Androl4bA Virtual Machine For Assessing Android applications, Reverse Engineering and Malware Analysis
Stars: ✭ 908 (+497.37%)
Dependency TrackDependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
Stars: ✭ 718 (+372.37%)
Njsscannjsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications.
Stars: ✭ 128 (-15.79%)
Gda Android Reversing ToolGDA is a new fast and powerful decompiler in C++(working without Java VM) for the APK, DEX, ODEX, OAT, JAR, AAR, and CLASS file. which supports malicious behavior detection, privacy leaking detection, vulnerability detection, path solving, packer identification, variable tracking, deobfuscation, python&java scripts, device memory extraction, dat…
Stars: ✭ 2,332 (+1434.21%)
RailsgoatA vulnerable version of Rails that follows the OWASP Top 10
Stars: ✭ 699 (+359.87%)
DirsearchWeb path scanner
Stars: ✭ 7,246 (+4667.11%)
AmdhAndroid Mobile Device Hardening
Stars: ✭ 95 (-37.5%)
R2fridaRadare2 and Frida better together.
Stars: ✭ 610 (+301.32%)
IosreextensionA fast and elegant extension for VSCode used for iOSre projects.
Stars: ✭ 139 (-8.55%)
Awesome Android SecurityA curated list of Android Security materials and resources For Pentesters and Bug Hunters
Stars: ✭ 506 (+232.89%)
VyapiVyAPI - A cloud based vulnerable hybrid Android App
Stars: ✭ 75 (-50.66%)
Owasp VwadThe OWASP Vulnerable Web Applications Directory project (VWAD) is a comprehensive and well maintained registry of all known vulnerable web applications currently available.
Stars: ✭ 487 (+220.39%)
Aproxandroid proxy setting tool
Stars: ✭ 34 (-77.63%)
Atfuzzer"Opening Pandora's Box through ATFuzzer: Dynamic Analysis of AT Interface for Android Smartphones" ACSAC 2019
Stars: ✭ 128 (-15.79%)
SecuritySome of my security stuff and vulnerabilities. Nothing advanced. More to come.
Stars: ✭ 835 (+449.34%)
BulwarkAn organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.
Stars: ✭ 113 (-25.66%)
StacoanStaCoAn is a crossplatform tool which aids developers, bugbounty hunters and ethical hackers performing static code analysis on mobile applications.
Stars: ✭ 707 (+365.13%)
Web MethodologyMethodology for high-quality web application security testing - https://github.com/tprynn/web-methodology/wiki
Stars: ✭ 142 (-6.58%)
Kamus An open source, git-ops, zero-trust secret encryption and decryption solution for Kubernetes applications
Stars: ✭ 694 (+356.58%)
Droid Watcher[OUTDATED & UNSUPPORTED] Droid Watcher - Android Spy Application
Stars: ✭ 103 (-32.24%)
JackhammerJackhammer - One Security vulnerability assessment/management tool to solve all the security team problems.
Stars: ✭ 633 (+316.45%)
Oob ServerA Bind9 server for pentesters to use for Out-of-Band vulnerabilities
Stars: ✭ 125 (-17.76%)
Juice ShopOWASP Juice Shop: Probably the most modern and sophisticated insecure web application
Stars: ✭ 6,270 (+4025%)
PurifyAll-in-one tool for managing vulnerability reports from AppSec pipelines
Stars: ✭ 72 (-52.63%)
Www CommunityOWASP Community Pages are a place where OWASP can accept community contributions for security-related content.
Stars: ✭ 409 (+169.08%)
PidrilaPython Interactive Deepweb-oriented Rapid Intelligent Link Analyzer
Stars: ✭ 125 (-17.76%)
PivaaCreated by High-Tech Bridge, the Purposefully Insecure and Vulnerable Android Application (PIVAA) replaces outdated DIVA for benchmark of mobile vulnerability scanners.
Stars: ✭ 71 (-53.29%)
Android SecurityAn app showcase of some techniques to improve Android app security
Stars: ✭ 125 (-17.76%)
AppmonDocumentation:
Stars: ✭ 1,157 (+661.18%)
W3afw3af: web application attack and audit framework, the open source web vulnerability scanner.
Stars: ✭ 3,804 (+2402.63%)
Race The WebTests for race conditions in web applications. Includes a RESTful API to integrate into a continuous integration pipeline.
Stars: ✭ 385 (+153.29%)
Nist Data MirrorA simple Java command-line utility to mirror the CVE JSON data from NIST.
Stars: ✭ 135 (-11.18%)
Axploreraxplorer - Android Permission Mappings
Stars: ✭ 68 (-55.26%)
Awesome Threat ModellingA curated list of threat modeling resources (Books, courses - free and paid, videos, tools, tutorials and workshops to practice on ) for learning Threat modeling and initial phases of security review.
Stars: ✭ 319 (+109.87%)
InjuredandroidA vulnerable Android application that shows simple examples of vulnerabilities in a ctf style.
Stars: ✭ 317 (+108.55%)
CoeusAndroid apk/sdk Scan包括android apk/sdk 安全审计代码扫描以及国内政策扫描
Stars: ✭ 122 (-19.74%)
ZaproxyThe OWASP ZAP core project
Stars: ✭ 9,078 (+5872.37%)
BadintentIntercept, modify, repeat and attack Android's Binder transactions using Burp Suite
Stars: ✭ 303 (+99.34%)
Android Sitemap👓 Every link ever to Android Developer site.
Stars: ✭ 61 (-59.87%)