Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing framework capable of performing static, dynamic and malware analysis. It can be used for effective and fast security analysis of Android, iOS and Windows mobile applications and support both binaries (APK, IPA & APPX ) and zipped source code. MobSF can do dynamic application testing at runtime for Android apps and has Web API fuzzing capabilities powered by CapFuzz, a Web API specific security scanner. MobSF is designed to make your CI/CD or DevSecOps pipeline integration seamless. Your generous donations will keep us motivated.
static-analysis dynamic-analysis mobsf android-security mobile-security windows-mobile-security ios-security mobile-security-framework api-testing web-security malware-analysis runtime-security ci-cd devsecops apk ipaiGoat Quick Setup git clone https://github.com/OWASP/iGoat-Swift.gitand open iGoat-Swift.xcodeproj with xcode. Setup iGoat Server Navigate to server > docker_packaging and then use command docker compose up Using Cydia Repo - Open Cydia -> Sources -> Edit and add source http://swiftigoat.yourepo.com/ and then search for iGoat and install it.
ios-security runtime-security insecure-data-storage ipa owasp-igoat owasp-top-10 ios-swiftIpa-medit is a memory search and patch tool for resigned ipa without jailbreaking. It supports iOS apps running on iPhone and Apple Silicon Mac. It was created for mobile game security testing. Many mobile games have jailbreak detection, but ipa-medit does not require jailbreaking, so memory modification can be done without bypassing the jailbreak detection. Memory modification is the easiest way to cheat in games, it is one of the items to be checked in the security test. There are also cheat tools that can be used casually like GameGem and iGameGuardian. However, there were no tools available for un-jailbroken device and CUI, Apple Silicon Mac. So I made it as a security testing tool. Android version is aktsk/apk-medit.
ios blackhat ios-security m1 security-tools arsenal security-testing mobile-security-testing mobile-app-security applesiliconipautil is a useful utility for mobile security testing. This tool makes it easy to resign the IPA, check for potentially sensitive files and Info.plist in the IPA. It is a wrapper for codesign commands. I've only checked it works on macOS. Android version is here.
ipa ios-security security-testing mobile-security-testing mobile-app-security
We have large collection of open source products. Follow the tags from
Tag Cloud >>
Open source products are scattered around the web. Please provide information
about the open source projects you own / you use.
Add Projects.