343 Open source projects that are alternatives of or similar to reFlutter

The fastest dork scanner written in Go.

HTTP Request Smuggling over HTTP/2 Cleartext (h2c)

Automation for javascript recon in bug bounty.

Subdomain takeover vulnerability checker

Fully automated offensive security framework for reconnaissance and vulnerability scanning

An automated approach to performing recon for bug bounty hunting and penetration testing.

An automated target reconnaissance pipeline.

CloudScraper: Tool to enumerate targets in search of cloud resources. S3 Buckets, Azure Blobs, Digital Ocean Storage Space.

This repository created for personal use and added tools from my latest blog post.

Automated reconnaissance wrapper — TomNomNom's meg on steroids. [DEPRECATED]

Awesome cloud enumerator

PHP Security Check List [ EN ] 🌋 ☣️

Pentest/BugBounty progress control with scanning modules

Automated All-in-One OS Command Injection Exploitation Tool.

Web path scanner

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…

Good resources about web security that I have read.

Extract server and IP address information from Browser SSRF

A python tool to check subdomain takeover vulnerability

Detects the algorithm of input JWT Token and provide options to generate the new JWT token based on the user selected algorithm.

(WIP) Runtime Application Instruments for iOS. Previously Passionfruit

Unofficial frida extension for VSCode

Mobile penetration testing android & iOS command cheatsheet

An open source Android application that is intentionally vulnerable so as to act as a learning platform for Android application security beginners.

Oversecured Vulnerable Android App

Testowanie oprogramowania - Książka dla początkujących testerów

A fast and elegant extension for VSCode used for iOSre projects.

GDA is a new fast and powerful decompiler in C++(working without Java VM) for the APK, DEX, ODEX, OAT, JAR, AAR, and CLASS file. which supports malicious behavior detection, privacy leaking detection, vulnerability detection, path solving, packer identification, variable tracking, deobfuscation, python&java scripts, device memory extraction, dat…

Runtime Mobile Security (RMS) 📱🔥 - is a powerful web interface that helps you to manipulate Android and iOS Apps at Runtime

VyAPI - A cloud based vulnerable hybrid Android App

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.

Created by High-Tech Bridge, the Purposefully Insecure and Vulnerable Android Application (PIVAA) replaces outdated DIVA for benchmark of mobile vulnerability scanners.

Documentation:

Hand-crafted Frida examples

A Virtual Machine For Assessing Android applications, Reverse Engineering and Malware Analysis

Jackhammer - One Security vulnerability assessment/management tool to solve all the security team problems.

[Official] Android reverse engineering tool focused on dynamic instrumentation automation. Powered by Frida. It disassembles dex, analyzes it statically, generates hooks, discovers reflected methods, stores intercepted data and does new things from it. Its aim is to be an all-in-one Android reverse engineering platform.

A Collection of Secure Mobile Development Best Practices

Android Security Suite for in-depth reconnaissance and static bytecode analysis based on Ghera benchmarks.

Intercept, modify, repeat and attack Android's Binder transactions using Burp Suite

Source code for Hacker101.com - a free online web and mobile security class.

Blackbox tool to disable SSL certificate validation - including certificate pinning - within iOS and macOS applications.

Easy SSL pinning validation and reporting for iOS, macOS, tvOS and watchOS.