We have collection of more than 1 Million open source products ranging from Enterprise product to small libraries in all platforms. We aggregate information from all open source repositories. Search and find the best for your needs. Check out projects section.
house - A runtime mobile application analysis toolkit with a Web GUI, powered by Frida, written in Python
- 99
House: A runtime mobile application analysis toolkit with a Web GUI, powered by Frida, written in Python. It is designed for helping assess mobile applications by implementing dynamic function hooking and intercepting and intended to make Frida script writing as simple as possible. By default, House binds to http://127.0.0.1:8000.
https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2018/june/house-a-mobile-analysis-platform-built-on-frida/https://github.com/nccgroup/house
| Tags | frida mobile pentest-tool android |
| Implementation | Python |
| License | MIT |
| Platform | Windows Linux |
Related Projects
objection - 📱 objection - runtime mobile exploration
objection is a runtime mobile exploration toolkit, powered by Frida. It was built with the aim of helping assess mobile applications and their security posture without the need for a jailbroken or rooted mobile device. The project's name quite literally explains the approach as well, whereby runtime specific objects are injected into a running process and executed using Frida.
mobile pentest framework ios instrumentation frida security android assessmentMobileApp-Pentest-Cheatsheet - The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application penetration testing topics
The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application penetration testing topics and checklist, which is mapped OWASP Mobile Risk Top 10 for conducting pentest. Your contributions and suggestions are welcome.
mobile-app pentesting android-application ios-app runtime-analysis network-analysis static-analysis reverse-engineers dynamic-analysisextractTVpasswords - tool to extract passwords from TeamViewer memory using Frida
Hi there, in this article we want to tell about our little research about password security in TeamViewer. The method can help during the pentest time for post exploitation to get access to another machine using TeamViewer. A few days ago I worked on my windows cloud VPS with TeamViewer (where I set a custom password). After work I disconnected, at the next time when I wanted to connect, I saw that TeamViewer had auto-filled the password.
teamviewer cplusplus frida hackingappmon - Documentation:
AppMon is an automated framework for monitoring and tampering system API calls of native macOS, iOS and android apps. It is based on Frida. This project exists thanks to all the people who contribute.
android ios-app macos-app security-tools appmon reverse-engineering instrumentation frida mobile-securityawesome-frida - Awesome Frida - A curated list of Frida resources http://www
A curated list of awesome projects, libraries, and tools powered by Frida. Frida is Greasemonkey for native apps, or, put in more technical terms, it’s a dynamic code instrumentation toolkit. It lets you inject snippets of JavaScript into native apps that run on Windows, Mac, Linux, iOS and Android.
frida awesome dynamic-analysis android ios hooking r2fridaDumpsterFire - "Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events
The DumpsterFire Toolset is a modular, menu-driven, cross-platform tool for building repeatable, time-delayed, distributed security events. Easily create custom event chains for Blue Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Turn paper tabletop exercises into controlled "live fire" range events. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts. The toolset is designed to be dynamically extensible, allowing you to create your own Fires (event modules) to add to the included collection of toolset Fires. Just write your own Fire module and drop it into the FireModules directory. The DumpsterFire toolset will auto-detect your custom Fires at startup and make them available for use.
pentesting hacking hacking-tool pentest-tool automation security security-tools infosec pentest red-team blue-team red-teams blue-teams pentest-tools hacking-toolshackerEnv - Automation tool that quickly and easily sweep IPs and scan ports, vulnerabilities and exploit them
hackerEnv is an automation tool that quickly and easily sweep IPs and scan ports, vulnerabilities and exploit them. Then, it hands you an interactive shell for further testing. Also, it generates HTML and docx reports. It uses other tools such as nmap, nikto, metasploit and hydra. Works in kali linux and Parrot OS.
pentesting pentest kali-linux hacking-tool vulnerability-scanners vulnerability-assessment pentest-scripts pentesterlab pentest-tool kali-scripts hacking-tools pentester kali-toolsBrida - The new bridge between Burp Suite and Frida!
Brida is a Burp Suite Extension that, working as a bridge between Burp Suite and Frida, lets you use and manipulate applications’ own methods while tampering the traffic exchanged between the applications and their back-end services/servers. It supports all platforms supported by Frida (Windows, macOS, Linux, iOS, Android, and QNX).
ReverseAPK - Quickly analyze and reverse engineer Android packages
Quickly analyze and reverse engineer Android applications. This software is free to distribute, modify and use with the condition that credit is provided to the creator (1N3@CrowdShield) and is not for commercial use.
android apk reverse-engineering hacking mobile decompile analyze pentest pentesting smaliCloakify - CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings; Evade DLP/MLS Devices; Defeat Data Whitelisting Controls; Social Engineering of Analysts; Evade AV Detection
CloakifyFactory & the Cloakify Toolset - Data Exfiltration & Infiltration In Plain Sight; Evade DLP/MLS Devices; Social Engineering of Analysts; Defeat Data Whitelisting Controls; Evade AV Detection. Text-based steganography using lists. Convert any file type (e.g. executables, Office, Zip, images) into a list of everyday strings. Very simple tools, powerful concept, limited only by your imagination. For a quick start on CloakifyFactory, see the cleverly titled file "README_GETTING_STARTED.txt" in the project for a walkthrough.
cipher data-exfiltration hacking pentesting exfiltration steganography cryptography dlp av-evasion privacy security security-tools infosec red-team pentest pentest-tool hacking-tool hacking-tools pentest-tools stegoYourView - YourView is a desktop App in MacOS based on Apple SceneKit
YourView is a desktop App in MacOS. You can use it to view iOS App's view hierarchy. I think it could be a basic project in app view visualization. Depend on it, you may do your add-on functions's development such as visual tracking like mixpanel, iOS reverse tool just like reveal, frida, even though, you can develop android studio plugin for view debugging. Now I treat it as a iOS reverse tool. Now it is a version of 0.1, I will maintain continuedly. Open YourView/iOS/TalkingDataSDKDemo/TalkingDataSDKDemo.xcodeproj. It's a demo project with the libyourview source code as framework in it. Build and Run,keep the demo app in foreground.
ios tools uiview reveal reverse ui-testing 3d view-hierarchyapk-medit - memory search and patch tool on debuggable apk without root & ndk
Apk-medit is a memory search and patch tool for debuggable apk without root & ndk. It was created for mobile game security testing. Many mobile games have rooting detection, but apk-medit does not require root privileges, so memory modification can be done without bypassing the rooting detection. Memory modification is the easiest way to cheat in games, it is one of the items to be checked in the security test. There are also cheat tools that can be used casually like GameGuardian. However, there were no tools available for non-root device and CUI. So I made it as a security testing tool. The version that targets iOS apps is aktsk/ipa-medit.
android blackhat android-security security-tools arsenal security-testing mobile-security-testing mobile-app-securityEggShell - iOS/macOS/Linux Remote Administration Tool
EggShell is a post exploitation surveillance tool written in Python. It gives you a command line session with extra functionality between you and a target machine. EggShell gives you the power and convenience of uploading/downloading files, tab completion, taking pictures, location tracking, shell command execution, persistence, escalating privileges, password retrieval, and much more. This is project is a proof of concept, intended for use on machines you own. Eggshell payloads are executed on the target machine. The payload first sends over instructions for getting and sending back device details to our server and then chooses the appropriate executable to establish a secure remote control session.
ios pentest-tool pentest-scripts information-security metasploit exploitation remote-admin-tool meterpreter reverse-shell jailbreakmsdat - MSDAT: Microsoft SQL Database Attacking Tool
MSDAT (Microsoft SQL Database Attacking Tool) is an open source penetration testing tool that tests the security of Microsoft SQL Databases remotely. Tested on Microsof SQL database 2005, 2008 and 2012.
mssql-database pentest-tool pentest privilege-escalationodat - ODAT: Oracle Database Attacking Tool
ODAT (Oracle Database Attacking Tool) is an open source penetration testing tool that tests the security of Oracle Databases remotely. Tested on Oracle Database 10g, 11g and 12c.
oracle-database pentest-tool pentest privilege-escalationFramework7 - Full Featured HTML Framework For Building iOS & Android Apps
Framework7 - is a free and open source mobile HTML framework to develop hybrid mobile apps or web apps with iOS & Android native look and feel. It is also an indispensable prototyping apps tool to show working app prototype as soon as possible in case you need to. The main approach of the Framework7 is to give you an opportunity to create iOS & Android apps with HTML, CSS and JavaScript easily and clear.
mobile-framework mobile-application-development hybrid-mobile-framework mobile-developmentCloudFlair - 🔎 Find origin servers of websites behind by CloudFlare using Internet-wide scan data from Censys
CloudFlair is a tool to find origin servers of websites protected by CloudFlare who are publicly exposed and don't restrict network access to the CloudFlare IP ranges as they should. The tool uses Internet-wide scan data from Censys to find exposed IPv4 hosts presenting an SSL certificate associated with the target's domain name.
cloudflare pentest-tool pentestHeadwind MDM – Open Source Mobile Device Management System for Android
Headwind MDM is the software for managing corporate mobile (Android-based) devices. System administrators can track phones and tablets, perform bulk installation and update of mobile applications, prevent user from entering the device settings and running unwanted apps.
mobile-device-management management mdm mdm-framework admin-tool device-managementhackUtils - It is a hack tool kit for pentest and web security research.
It is a hack tool kit for pentest and web security research, which is based on BeautifulSoup bs4 module http://www.crummy.com/software/BeautifulSoup/bs4/.
xssor2 - XSS'OR - Hack with JavaScript.
XSS'OR - Hack with JavaScript. It contains three major modules: Encode/Decode, Codz, Probe.
probe pentest-tool xss csrf encoding hacking-tool pentest hack
We have large collection of open source products. Follow the tags from
Tag Cloud >>
Open source products are scattered around the web. Please provide information
about the open source projects you own / you use.
Add Projects.
