Earth

Ryan Welton

Elite
@Fuzion24

JustTrustMe. An xposed module that disables SSL certificate checking for the purposes of auditing an app with cert pinning

5.3k

AndroidKernelExploitationPlayground. C

571

AndroidObfuscation-NDK. Example of obfuscating an Android NDK project using O-LLVM

216

AndroidZipArbitrage. Exploit for Android Zip bugs: 8219321, 9695860, and 9950697

147

OSX_Swizzler. Demonstrates cracking an app without modifying it using SIMBL + method swizzling

83

AndroidHostileEnvironmentDetection. Contains many different ways to identify hostile environments.

65

WebAPKCrawler. Uses Google to search for .apks hosted on websites and downloads them

20

KindleXposed. Xposed module for Android that will remove DRM from your Kindle books

19

AndroidIntentFuzzer. Fork of iSec Partners Android Intent Fuzzer (https://www.isecpartners.com/tools/mobile-security/intent-fuzzer.aspx)

16

CardLibrary. Read Magnetic stripe data using square card reader

13

Permission-Control. Viewing and revocation of Android permissions

12

LLVM-Linux-Kernel. C

7

teamviewerpoc. Java

6

vUSBf. Python

5

AndroidPermissionWebScraper. A real quick ruby script to scrape Androids permission website and export permission name, since API, and description to a .csv file

5

BroadcastAnywhere. Java

5

obfuscator.

5

Newz4Droid. A usenet client for android

5

SafetyNetTestApp. Java

4

SM-G900V_NA_KK_Opensource-S5-Kernel-. C

4

android-bins.

4

boot-unlocker. Automatically exported from code.google.com/p/boot-unlocker-gnex

4

MinMinGuard. Cancelled

4

secure-mobile-development. Secure Mobile Development - A collection of best practices

4

rootcloak. Open source module for Xposed Framework that hides root from specific apps

3

magspoof. MagSpoof is a portable device that can spoof/emulate any magnetic stripe or credit card "wirelessly", even on standard magstripe readers.

3

drozer. The Leading Security Assessment Framework for Android.

3

fuzzer-android. Unnamed repository; edit this file 'description' to name the repository.

3

HipChatXSSExploit. %3C%73%63%72%69%70%74%3E%61%6C%65%72%74%28%22%43%72%6F %73%73%53%69%74%65%53%63%72%69%70%74%69%6E%67%32%22%29%3C%2F %73%63%72%69%70%74%3E

3

googleplay-api. Google Play Unofficial Python API

3

Node-Password-Manager. A (not quite functional) password manager written in coffescript

3

mitmproxy. An interactive SSL-capable intercepting HTTP proxy for penetration testers and software developers

3

smali. smali/baksmali

3

android-vts. In the spirit of open data collection, and with the help of the community, let's take a pulse on the state of Android security. NowSecure presents Android VTS

3

samsung-ime-rce-poc. Samsung Remote Code Execution as System User

3

Nexus-5-4.4.2-Local-DOS. Causes a reboot with 0 permissions on a Nexus 5 <= 4.4.2

3

Signal-Android. A private messenger for Android.

3

AndroidViewClient. Android ViewServer client

3

SuperPoster. yenc NNTP poster in java

3

bootimg-tools. Android boot.img creation and extraction tools (also MinGW compatible)

2

androguard. Reverse engineering, Malware and goodware analysis of Android applications ... and more (ninja !)

2

httpswatch. https://httpswatch.com

2

Xposed. The native part of the Xposed framework (mainly the modified app_process binary).

2

syzkaller. syzkaller is a distributed, unsupervised, coverage-guided Linux syscall fuzzer

2

freebsd. FreeBSD src tree (read-only mirror)

2

libping_unhash_exploit_POC. CVE-2015-3636 exploit

2

iodine. Official iodine git repo

2

cve-2015-1538-2. An exploit for CVE-2015-1538-1 - Google Stagefright ‘stsc’ MP4 Atom Integer Overflow Remote Code Execution

2

drozer-agent. The Android Agent for the Mercury Security Assessment Framework.

2

PlayAppInstaller. Java

2

google-play-crawler. Play with Google Play API :)

2

android-cluster-toolkit. The Android Cluster Toolkit helps organize and manipulate a collection of Android devices.

2

unfiltered. A toolkit for servicing HTTP requests in Scala

2

maven.

2

platform_dalvik. C++

2

S3Client. An Scala S3 Library that uses finagle for evented, asynchronous IO.

2

DrawSomethingHelper. This game allows you to play CUSTOM WORDS on Draw Something. It also allows you to overlay and image to trace out.

2

img4tool. image4

1

evilarc. Create tar/zip archives that can exploit directory traversal vulnerabilities

1
59
Apply