This is your work, valued
jdwp-lib-injector. Python
★ 78AndroidSubstrate_hookingC_examples. AndroidSubstrate_hookingC_examples
★ 56cert-pinning-flaw-poc. Simple script for testing CVE-2016-2402 and similar flaws
★ 13public_talks.
★ 11certPinningVulnerableOkHttp. OkHttp sample app vulnerable to CVE-2016-2402
★ 10AndroidEagleEye. An Xposed and adbi based module which is capable of hooking both Java and Native methods targeting Android OS.
★ 2ASA-WG.
★ 1secure-mobile-development. Secure Mobile Development - A collection of best practices
★ 1AndroidGotHook. GOT Hook implemented in Android
★ 1fromthetransistor. From the Transistor to the Web Browser, a rough outline for a 12 week course
★ 6.7kfrida-detection. A couple of methods for detecting Frida on Android.
★ 496YalpStore. Download apks from Google Play Store
★ 2.5ksecure-ios-app-dev. Collection of the most common vulnerabilities found in iOS applications
★ 1.4kLibScout. LibScout: Third-party library detector for Java/Android apps
★ 308Auditor. Hardware-based attestation and intrusion detection app for Android. It provides both local verification with another Android device via QR codes and optional scheduled server-based verification with support for alert emails. It uses hardware-backed keys and attestation support as the foundation and chains trust to the app for software checks.
★ 676AndroidAttacher. IDA debugging plugin for android armv7 so
★ 87research.
★ 2.2ksyscall_intercept. The system call intercepting library
★ 671DVRF. The Damn Vulnerable Router Firmware Project
★ 718manticore. Symbolic execution tool
★ 3.9kTaLoS. Efficient TLS termination inside Intel SGX enclaves for existing applications
★ 109ida. Python
★ 1.4kFrida-Android-Scripts. Some frida scripts
★ 141frida-java-bridge. Java runtime interop from Frida
★ 412ios-deploy. Install and debug iPhone apps from the command line, without using Xcode
★ 3.6kandrowarn. Yet another static code analyzer for malicious Android applications
★ 531android-classyshark. Android and Java bytecode viewer
★ 7.6kMARA_Framework. MARA is a Mobile Application Reverse engineering and Analysis Framework. It is a toolkit that puts together commonly used mobile application reverse engineering and analysis tools to assist in testing mobile applications against the OWASP mobile security threats.
★ 668droid-hunter. (deprecated) Android application vulnerability analysis and Android pentest tool
★ 310redexer. The Redexer binary instrumentation framework for Dalvik bytecode
★ 174dex-oracle. A pattern based Dalvik deobfuscator which uses limited execution to improve semantic analysis
★ 505apkstudio. Open-source, cross platform Qt6 based IDE for reverse-engineering Android application packages. It features a friendly IDE-like layout including code editor with syntax highlighting support for *.smali code files.
★ 4.3kRemoteDroidGuard. Service to run Google's DroidGuard binary in an isolated environment
★ 128Inspeckage. Android Package Inspector - dynamic analysis with api hooks, start unexported activities and more. (Xposed Module)
★ 3kflare-floss. FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware.
★ 4.1khasper. a port of Ghost's casper theme for Hugo
★ 22fridump. A universal memory dumper using Frida
★ 855Tracer. Set of Dynamic Binary Instrumentation and visualization tools for execution traces.
★ 329Deadpool. Repository of various public white-box cryptographic implementations and their practical attacks.
★ 687AES. Implementations of white-box AES constructions and their cryptanalyses.
★ 226ARES. ARES: Android Reverse Engineering Suite is a security suite for analyzing Android .apk files.
★ 30drammer. Native binary for testing Android phones for the Rowhammer bug
★ 487APKiD. Android Application Identifier for Packers, Protectors, Obfuscators and Oddities - PEiD for Android
★ 2.5kmastg. The OWASP Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes technical processes for verifying the OWASP Mobile Security Weakness Enumeration (MASWE) weaknesses, which are in alignment with the OWASP MASVS.
★ 13kmasvs. The OWASP MASVS (Mobile Application Security Verification Standard) is the industry standard for mobile app security.
★ 2.4kjeb-androsig. Android Library Code Recognition
★ 85cwac-netsecurity. CWAC-NetSecurity: Simplifying Secure Internet Access
★ 239safetynethelper. SafetyNet Helper wraps the Google Play Services SafetyNet.API and verifies Safety Net API response with the Android Device Verification API.
★ 339ProbeDroid. A SDK for the creation of analysis tools without obtaining app source code in order to profile runtime performance, examine code coverage, and track high-risk behaviors of a given app on Android 5.0 and above.
★ 204SmartThingsAnalysisTools. SmartThings Analysis Tools
★ 25android-overlay-malware-example. Harmless Android malware using the overlay technique to steal user credentials.
★ 89JAADAS. Joint Advanced Defect assEsment for android applications
★ 352TinyInjector. Shared Library Injector on Android
★ 159Stingray. IDAPython plugin for finding function strings recursively
★ 133hooker. Hooker is an opensource project for dynamic analyses of Android applications. This project provides various tools and applications that can be use to automaticaly intercept and modify any API calls made by a targeted application.
★ 415Android-Inline-Hook. thumb16 thumb32 arm32 inlineHook in Android
★ 1.4kmethodHook. 通过Xposed框架hook android的敏感函数,具体参考https://github.com/halfkiss/ZjDroid, 并添加了相应的函数
★ 72sslsplit. Transparent SSL/TLS interception
★ 1.9kAndroidGotHook. GOT Hook implemented in Android
★ 77cydiasubstrate_hooktools. Java 与 jni 部分函数Hook项目
★ 60jniostorlab. JNI method enumeration in ELF files
★ 50gomo. Wiki pages about Android internals
★ 240ApkSecurityAnalysis. ApkSecurityAnalysis
★ 65Inject-Hook. for android
★ 163appmon. Documentation:
★ 1.6knogotofail. An on-path blackbox network traffic security testing tool
★ 2.9knogotofail-pii. This is a fork of the nogotofail project also found on GitHub (https://github.com/google/nogotofail). This project adds tests for detecting common privacy issues in mobile application network traffic.
★ 9axmlprinter. Library for parsing and printing compiled Android manifest files
★ 261vsaq. VSAQ is an interactive questionnaire application to assess the security programs of third parties.
★ 861bintut. Teach you a binary exploitation for great good.
★ 294smali_emulator. This software will emulate a smali source file generated by apktool.
★ 474Swift.nV. Security Training Tool that demonstrates common mobile application vulnerabilities using Swift in iOS
★ 179crass. Code Review Audit Script Scanner
★ 144firmwalker. Script for searching the extracted firmware file system for goodies!
★ 1.2kMobileApp-Pentest-Cheatsheet. The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application penetration testing topics.
★ 5.2kbaredroid. Python
★ 89AndroidKernelExploitationPlayground. C
★ 571libsodium-jni. (Android) Networking and Cryptography Library (NaCL) JNI binding. JNI is utilized for fastest access to native code. Accessible either in Android or Java application. Uses SWIG to generate Java JNI bindings. SWIG definitions are extensible to other languages.
★ 189Marvin-static-Analyzer. Marvin static analyzer is an Android application vulnerability scanner. The framework uses androguard and Static Android Analysis Framework (SAAF).
★ 69dnSpy. .NET debugger and assembly editor
★ 30kdeobfuscator. The real deal
★ 1.7kAllHookInOne. C++
★ 492maline. Android Malware Detection Framework
★ 81syms2elf. A plugin for Hex-Ray's IDA Pro and radare2 to export the symbols recognized to the ELF symbol table
★ 218idataco. IDATACO IDA Pro Plugin
★ 45jeb-samplecode. Sample scripts and extensions for JEB Decompiler.
★ 223oatdump_plus. Extended oatdump from AOSP platform/art repo
★ 137ysoserial. A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
★ 9kPUMA. Programmable UI-Automation Framework for Dynamic App Analysis
★ 48fsmon. Filesystem monitor tool for Linux/Android iOS/macOS
★ 1kmarvin-django. Marvin-django is the UI/database part of the Marvin project. Marvin is a platform for security analysis of Android apps.
★ 74okhttp. Square’s meticulous HTTP client for the JVM, Android, and GraalVM.
★ 47kSSLCertificateChecker-PhoneGap-Plugin. :passport_control: Prevent Man in the Middle attacks with this Cordova plugin
★ 158ADBI. Android Dynamic Binary Instrumentation tool for tracing Android native layer
★ 318substrate. by @saurik, compatible with iOS 5
★ 46diva-android. DIVA Android - Damn Insecure and vulnerable App for Android
★ 1.1kbytecode-viewer. A Java 8+ Jar & Android APK Reverse Engineering Suite (Decompiler, Editor, Debugger & More)
★ 16ksee. Sandboxed Execution Environment
★ 822Android-InsecureBankv2. Vulnerable Android application for developers and security enthusiasts to learn about Android insecurities
★ 1custom-tabs-client. Chrome custom tabs examples
★ 1.4kfrida-presentations. Public presentations given on Frida at conferences
★ 102AndroBugs_Framework. AndroBugs Framework is an efficient Android vulnerability scanner that helps developers or hackers find potential security vulnerabilities in Android applications. No need to install on Windows.
★ 1.2kELF-ARM-HOOK-Library. It's very similiar to Substrate. But I give you three methods to do HOOK.
★ 213aamo. AAMO: Another Android Malware Obfuscator
★ 127android-post-webview. Java
★ 149ZjDroid. Android app dynamic reverse tool based on Xposed framework.
★ 4jebPlugins. Various Jeb plugins, including obfuscation restore
★ 15dexposed. dexposed enable 'god' mode for single application.
★ 2AuditDroid. AduitDroid
★ 119HelloSwift. Java
★ 176AndroidEagleEye. An Xposed and adbi based module which is capable of hooking both Java and Native methods targeting Android OS.
★ 474TheSevenWeapons. 安卓动态调试七种武器
★ 683enjarify. Python
★ 2.7kNoDeviceCheck. [Xposed module] Disable device compatibility check
★ 85AndFix. AndFix is a library that offer hot-fix for Android App.
★ 7kandroid-lint-checks. Java
★ 4dexinfo. A very rudimentary Android DEX file parser
★ 65uiautomator. Python wrapper of Android uiautomator test tool.
★ 2.1kXposed. The native part of the Xposed framework (mainly the modified app_process binary).
★ 7.7kXposedBridge. The Java part of the Xposed framework.
★ 4.1krootcloak. Open source module for Xposed Framework that hides root from specific apps
★ 2training. Training materials crafted and publicly provided by Red Naga members
★ 430DexHook. DexHook is a xposed module for capturing dynamically loaded dex files.
★ 132DexHunter. General Automatic Unpacking Tool for Android Dex Files
★ 1.4kqark. Tool to look for several security related Android application vulnerabilities
★ 3.4kfuzz_zone. Fuzzing utility which enables sending arbitrary SCMs to TrustZone
★ 62qseecom_modifications. Modifications in the qseecom driver which enable FuzzZone to operate
★ 25MSM8974_exploit. Full TrustZone exploit for MSM8974
★ 144mate7_TZ_exploit. Huawei mate 7 TrustZone exploit
★ 109native-shim. A "shim" for loading native jni files for Android active debugging
★ 181seal. SEAndroid Analytics Library for live device analysis
★ 59samsung-ime-rce-poc. Samsung Remote Code Execution as System User
★ 127preeny. Some helpful preload libraries for pwning stuff.
★ 1.7kldpreloadhook. a quick open/close/ioctl/read/write/free function hooker
★ 194JEB-sample-scripts. Sample Scripts for JEB(Android Interactive Decompiler)
★ 24myJEBPlugins. Scripts and Plugins for JEB
★ 17armhook-core. Core of Linux hooking engine for ARM architecture
★ 22armhook. Linux hooking engine for ARM architecture
★ 16create_ap. [NOT MAINTAINED] This script creates a NATed or Bridged WiFi Access Point.
★ 4.5khello-pinnedcerts. Example of certificate pinning on Android
★ 225AndroidPinning. A standalone library project for certificate pinning on Android.
★ 16cert-pinner. Certificate pinning on Android sample
★ 14canhazaxs. A tool for enumerating the access to entries in the file system of an Android device.
★ 8MonkeyRunner_ApkTest. Python+MonkeyRunner 渠道包测试脚本程序
★ 25Shellshock-Vulnerability-Scan. Android app to scan for bash Vulnerability - CVE-2014-6271 also known as Shellshock
★ 11apk-signature-verify. jar Signature / APK Signature v2 verify with pure python (support rsa dsa ecdsa)
★ 32AndroidZipArbitrage. Exploit for Android Zip bugs: 8219321, 9695860, and 9950697
★ 147obfuscator.
★ 4.4kAndroidObfuscation-NDK. Example of obfuscating an Android NDK project using O-LLVM
★ 216iodine. Official git repo for iodine dns tunnel
★ 7.9kAndroidHostileEnvironmentDetection. Contains many different ways to identify hostile environments.
★ 65mitmproxy. An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.
★ 44krootcloak. Open source module for Xposed Framework that hides root from specific apps
★ 521AndroidIntentFuzzer. Fork of iSec Partners Android Intent Fuzzer (https://www.isecpartners.com/tools/mobile-security/intent-fuzzer.aspx)
★ 16CobraDroidBeta. Source code for the beta release of CobraDroid
★ 16JustTrustMe. An xposed module that disables SSL certificate checking for the purposes of auditing an app with cert pinning
★ 5.3kdtf. Android Device Testing Framework ("dtf")
★ 85oat2dex-python. Extract DEX files from an ART ELF binary
★ 41Diaphora_loader. Plugin Loader for Diaphora(Ida Pro)
★ 11Frida_For_Ida_Pro. Frida PluginFor Ida Pro
★ 125ADB_Helper_QT_Super_version. All You Need For Ida Pro And Android Debugging
★ 63wiki.secmobi.com. SecMobi Wiki is a collection of mobile security resources.
★ 630androidpatternlock. A little Python tool to crack the Pattern Lock on Android devices
★ 418drozer. sniffer and fuzzer modules for drozer
★ 13DroidSniff. DroidSniff is an Android app for Security analysis in wireless networks and capturing facebook, twitter, linkedin and other accounts.
★ 177VulnApp. A vulnerable Android app
★ 5maldrolyzer. Simple framework to extract "actionable" data from Android malware (C&Cs, phone numbers etc.)
★ 112android-essentials-toolbox. A set of building blocks for analyzing Android apps with Atlas
★ 14AndroidPinning. A standalone library project for certificate pinning on Android.
★ 630smalisca. Static Code Analysis for Smali files
★ 324honggfuzz-android. An Android port of the general purpose honggfuzz fuzzer
★ 19melkor-android. An Android port of the melkor ELF fuzzer
★ 64diaphora. Diaphora, the most advanced Free and Open Source program diffing tool.
★ 4.3ketna_viv. Etnaviv is a project to build a FOSS driver for the Vivante GCxxx series of embedded GPUs - laanwj's personal fork - upstream is https://github.com/etnaviv/etna_viv
★ 217smali. smali/baksmali
★ 6.6kflare-ida. IDA Pro utilities from FLARE team
★ 2.5kxCon-Issues. public "forum" for xCon requests
★ 187MEMSCAN. A memory scanning tool which uses mach_vm* to either dump memory or look for a specific sequence of bytes.
★ 93troubleshooter. setroubleshootd xSports
★ 92InstallerHijackingVulnerabilityScanner. Java
★ 49nexus_5_bootloader_unpacker. A bootloader imgdata unpacker for Nexus 4, 5 and 7 smartphones as well as imgdata tool for Nexus 5.
★ 26googleplay-api. Google Play Unofficial Python API - This project was a PoC and is not maintained anymore. Please feel free to fork it and improve it in any way.
★ 896cuckoo-droid. CuckooDroid - Automated Android Malware Analysis with Cuckoo Sandbox.
★ 606android_external_updateprop. Update Readonly Properties
★ 10jadx. Dex to Java decompiler
★ 50kMobile-Security-Framework-MobSF. Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
★ 21karmpwn. Repository to train/learn memory corruption on the ARM platform.
★ 354linux-memory-dumper. Script that dumps running process memory from Linux systems using /proc.
★ 80Lanmitm. Android中间人攻击测试工具
★ 5adbi. Android Dynamic Binary Instrumentation Toolkit
★ 1.3kddi. ddi - Dynamic Dalvik Instrumentation Toolkit
★ 396AndBug. Android Debugging Library
★ 63drozer-modules. Python
★ 159drozer. The Leading Security Assessment Framework for Android.
★ 4.6kpscout. Mirror of PScout (http://pscout.csl.toronto.edu/).
★ 23sqlcipher. SQLCipher is a standalone fork of SQLite that adds 256 bit AES encryption of database files and other security features.
★ 7.2kmanifesto. PoC framework for APK obfuscation
★ 54samples. Examples of the obfuscated APKs (using manifesto and/or other techniques)
★ 29simplify. Android virtual machine and deobfuscator
★ 4.7kandroid-scripts. Collection of Android reverse engineering scripts
★ 423anti-emulator. Android Anti-Emulator
★ 835VulnWebView. Java
★ 44jsif-enumerator. A drozer module built to enumerate JavaScript interface strings in applications and aid low false positive detection of addJavascriptInterface vulnerabilites.
★ 17rootadb. restart adbd with root privileges
★ 168HexRaysCodeXplorer. Hex-Rays Decompiler plugin for better code navigation
★ 2.6kandroid-backup-extractor. Android backup extractor
★ 2.6kmkbreak. Generic exploit for master key vulnerability in Android
★ 34Apktool. A tool for reverse engineering Android apk files
★ 25kandroid-security-awesome. A collection of android security related resources
★ 9.5k