Mobile-Security-Framework-MobSF - Mobile Security Framework is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing framework capable of performing static analysis, dynamic analysis, malware analysis and web API testing

•    Python

---

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing framework capable of performing static, dynamic and malware analysis. It can be used for effective and fast security analysis of Android, iOS and Windows mobile applications and support both binaries (APK, IPA & APPX ) and zipped source code. MobSF can do dynamic application testing at runtime for Android apps and has Web API fuzzing capabilities powered by CapFuzz, a Web API specific security scanner. MobSF is designed to make your CI/CD or DevSecOps pipeline integration seamless. Your generous donations will keep us motivated.

static-analysis dynamic-analysis mobsf android-security mobile-security windows-mobile-security ios-security mobile-security-framework api-testing web-security malware-analysis runtime-security ci-cd devsecops apk ipa

NS 3 - Network Simulator

•    C

---

Ns is a discrete event simulator targeted at networking research. Ns provides substantial support for simulation of TCP, routing, and multicast protocols over wired and wireless (local and satellite) networks.

simulation network-simulation network-emulator

vscode-realtime-debugging - An extension for VS Code that visualizes how a program is being executed in real time

•    TypeScript

---

If you are familiar with logpoints, you will never ever need console.log for debugging again! I highly recommend binding the command Debug: Add Logpoint... to a shortcut that is easy to reach (I put it on Shift+F2). With logpoints you don't need to restart a program when you want to visualize its execution.

debugger debug debugging visual realtime real-time logpoint logging log

Inspeckage - Android Package Inspector - dynamic analysis with api hooks, start unexported activities and more

•    Java

---

Inspeckage is a tool developed to offer dynamic analysis of Android applications. By applying hooks to functions of the Android API, Inspeckage will help you understand what an Android application is doing at runtime. Logcat.html page. A experimental page with websocket to show some information from the logcat.

android-application security-analysis dynamic-analysis xposed

house - A runtime mobile application analysis toolkit with a Web GUI, powered by Frida, written in Python

•    Python

---

House: A runtime mobile application analysis toolkit with a Web GUI, powered by Frida, written in Python. It is designed for helping assess mobile applications by implementing dynamic function hooking and intercepting and intended to make Frida script writing as simple as possible. By default, House binds to http://127.0.0.1:8000.

frida mobile pentest-tool android

MobileApp-Pentest-Cheatsheet - The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application penetration testing topics

•    

---

The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application penetration testing topics and checklist, which is mapped OWASP Mobile Risk Top 10 for conducting pentest. Your contributions and suggestions are welcome.

mobile-app pentesting android-application ios-app runtime-analysis network-analysis static-analysis reverse-engineers dynamic-analysis

wdbgark - WinDBG Anti-RootKit Extension

•    C++

---

WDBGARK is an extension (dynamic library) for the Microsoft Debugging Tools for Windows. It main purpose is to view and analyze anomalies in Windows kernel using kernel debugger. It is possible to view various system callbacks, system tables, object types and so on. For more user-friendly view extension uses DML. For the most of commands kernel-mode connection is required. Feel free to use extension with live kernel-mode debugging or with kernel-mode crash dump analysis (some commands will not work). Public symbols are required, so use them, force to reload them, ignore checksum problems, prepare them before analysis and you'll be happy. Windows BETA/RC is supported by design, but read a few notes. First, i don't care about checked builds. Second, i don't care if you don't have symbols (public or private). IA64/ARM is unsupported (and will not).

kernel-mode c-plus-plus malware malware-analysis malware-research forensic-analysis windbg windbg-extension anti-rootkit visual-studio driver wdbgark memory-forensics anomaly-detection user-mode sww debugging-tool swwwolf crash-dump

evidently - Interactive reports to analyze machine learning models during validation or production monitoring

•    Jupyter

---

Interactive reports and JSON profiles to analyze, monitor and debug machine learning models. Evidently helps evaluate machine learning models during validation and monitor them in production. The tool generates interactive visual reports and JSON profiles from pandas DataFrame or csv files. You can use visual reports for ad hoc analysis, debugging and team sharing, and JSON profiles to integrate Evidently in prediction pipelines or with other visualization tools.

data-science machine-learning pandas-dataframe jupyter-notebook html-report production-machine-learning mlops model-monitoring machine-learning-operations data-drift

panda - Platform for Architecture-Neutral Dynamic Analysis

•    C

---

PANDA is an open-source Platform for Architecture-Neutral Dynamic Analysis. It is built upon the QEMU whole system emulator, and so analyses have access to all code executing in the guest and all data. PANDA adds the ability to record and replay executions, enabling iterative, deep, whole system analyses. Further, the replay log files are compact and shareable, allowing for repeatable experiments. A nine billion instruction boot of FreeBSD, e.g., is represented by only a few hundred MB. PANDA leverages QEMU's support of thirteen different CPU architectures to make analyses of those diverse instruction sets possible within the LLVM IR. In this way, PANDA can have a single dynamic taint analysis, for example, that precisely supports many CPUs. PANDA analyses are written in a simple plugin architecture which includes a mechanism to share functionality between plugins, increasing analysis code re-use and simplifying complex analysis development. It is currently being developed in collaboration with MIT Lincoln Laboratory, NYU, and Northeastern University.

reverse-engineering dynamic-analysis qemu

DECAF - DECAF(short for Dynamic Executable Code Analysis Framework) is a binary analysis platform based on QEMU

•    C

---

DECAF(short for Dynamic Executable Code Analysis Framework) is a binary analysis platform based on QEMU. This is also the home of the DroidScope dynamic Android malware analysis platform. DroidScope is now an extension to DECAF. Lok Kwong Yan, Andrew Henderson, Xunchao Hu, Heng Yin, and Stephen McCamant?.On soundness and precision of dynamic taint analysis. Technical Report SYR-EECS-2014-04, Syracuse University, January 2014.

uroboros - A GNU/Linux monitoring and profiling tool focused on single processes.

•    Go

---

Uroboros is a GNU/Linux monitoring tool focused on single processes. While utilities like top, ps and htop provide great overall details, they often lack useful temporal representation for specific processes, such visual representation of the process data points can be used to profile, debug and generally monitor its good health. There are tools like psrecord that can record some of the activity of a process, but some graphical server is required for rendering, and it's neither complete nor realtime.

HaboMalHunter - HaboMalHunter is a sub-project of Habo Malware Analysis System (https://habo

•    Python

---

HaboMalHunter is a sub-project of Habo Malware Analysis System (https://habo.qq.com), which can be used for automated malware analysis and security assessment on the Linux system. The tool help security analyst extracting the static and dynamic features from malware effectively and efficiently. The generated report provides significant information about process, file I/O, network and system calls. The tool can be used for the static and dynamic analysis of ELF files on the Linux x86/x64 platform.

malware-analysis dynamic-analysis security static-analysis elf

Triton - Triton is a Dynamic Binary Analysis (DBA) framework

•    C++

---

Triton is a dynamic binary analysis (DBA) framework. It provides internal components like a Dynamic Symbolic Execution (DSE) engine, a Taint engine, AST representations of the x86 and the x86-64 instructions set semantics, SMT simplification passes, an SMT Solver Interface and, the last but not least, Python bindings. Based on these components, you are able to build program analysis tools, automate reverse engineering and perform software verification. As Triton is still a young project, please, don't blame us if it is not yet reliable. Open issues or pull requests are always better than troll =).

reverse-engineering symbolic-execution binary-analysis instruction-semantics program-analysis taint-analysis smt binary-translation

debug-bottle - 🍼Debug Bottle is an Android runtime debug / develop tools written using kotlin language

•    Kotlin

---

An Android debug / develop tools written using Kotlin language. All the features in Debug bottle are only available on debug build version with your app, it doesn't has an impact on release version. Enable "Network Listener" at Settings, then you can see all network traffics what requested by your app.

android-debug kotlin-android android-library

DynamicXray - iOS UIKit Dynamics runtime visualisation and introspection library.

•    Objective-C

---

DynamicXray is a UIKit Dynamics runtime visualisation and introspection library for iOS. Ever wanted to see under the hood of the UIKit Dynamics physics engine? Now you can! With DynamicXray you can visualise your dynamic animator live at runtime, exposing all dynamic behaviours and dynamic items.

MIEngine - The Visual Studio MI Debug Engine ("MIEngine") provides an open-source Visual Studio Debugger extension that works with MI-enabled debuggers such as gdb, lldb, and clrdbg

•    CSharp

---

The Visual Studio MI Debug Engine ("MIEngine") provides an open-source Visual Studio extension that enables debugging with debuggers that support the gdb Machine Interface ("MI") specification such as GDB, LLDB, and CLRDBG.Before you contribute, please read through the contributing and developer guides to get an idea of requirements for pull requests.

MDX Parser,Builder,DOM and OLAP visual controls with Writeback for Silverlight

•    CSharp

---

It is component library for OLAP, .NET & Silverlight (C#). * MDX DOM, Parser, Generator, Query Designer * Description of supported MDX Syntax * Dynamic Pivot Grid - Pivot Table with Writeback * OLAP metadata choice controls See also: http://code.google.com/p/ranet-uilibrary-olap/

analysis analysis-services bi controls data-warehouse galaktika

Dynamic Language Runtime

•    DotNet

---

The Dynamic Language Runtime enables language developers to create dynamic languages for the .NET platform. In addition to being a pluggable back-end for dynamic language compilers, the DLR provides a easy to interface that makes hosting dynamic language compilers in applications

dlr dynamics ironpython

PowerShell Debug Visualizer

•    

---

Using PowerShell, you interact with .NET objects during debugging in the Visual Studio IDE. The PowerShell Visualizer injects objects, presents a scripting window. And more.... Decorate your classes like so: [DebuggerVisualizer(typeof(PoSHVisualizer.PoSHVisualizer))] [Serial...

powershell debug debug-visualizer debugging visual-studio

NUnitit - a Visual Studio Addin for NUnit

•    CSharp

---

An addin that allows you to run and debug NUnit projects within Visual Studio without setting a start program in the debug options or attaching manually to an external process.

addin build-tools nunit testing visual-studio