Displaying 1 to 9 from 9 results

Mobile-Security-Framework-MobSF - Mobile Security Framework is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing framework capable of performing static analysis, dynamic analysis, malware analysis and web API testing

  •    Python

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing framework capable of performing static, dynamic and malware analysis. It can be used for effective and fast security analysis of Android, iOS and Windows mobile applications and support both binaries (APK, IPA & APPX ) and zipped source code. MobSF can do dynamic application testing at runtime for Android apps and has Web API fuzzing capabilities powered by CapFuzz, a Web API specific security scanner. MobSF is designed to make your CI/CD or DevSecOps pipeline integration seamless. Your generous donations will keep us motivated.

Androl4b - A Virtual Machine For Assessing Android applications, Reverse Engineering and Malware Analysis

  •    

AndroL4b is an android security virtual machine based on ubuntu-mate includes the collection of latest framework, tutorials and labs from different security geeks and researchers for reverse engineering and malware analysis.

StaCoAn - StaCoAn is a crossplatform tool which aids developers, bugbounty hunters and ethical hackers performing static code analysis on mobile applications

  •    Javascript

StaCoAn is a crossplatform tool which aids developers, bugbounty hunters and ethical hackers performing static code analysis on mobile applications*. This tool was created with a big focus on usability and graphical guidance in the user interface.

appmon - Documentation:

  •    Javascript

AppMon is an automated framework for monitoring and tampering system API calls of native macOS, iOS and android apps. It is based on Frida. This project exists thanks to all the people who contribute.




BadIntent - Intercept, modify, repeat and attack Android's Binder transactions using Burp Suite

  •    Java

BadIntent is the missing link between the Burp Suite and the core Android's IPC/Messaging-system. BadIntent consists of two parts, an Xposed-based module running on Android and a Burp-plugin. Based on this interplay, it is possible to use the Burp's common workflow and all involved tools and extensions, since the intercept and repeater functionality is provided. BadIntent hooks deeply into the Android system, performs various method redirections in Parcels and adds additional services to provide the described features. Most notably, BadIntent works system-wide (experimental) and is not restricted to individual user apps. The most handy approach is to install BadIntent Android from the Xposed Module Repository and BadIntent Burp from the Burp’s BApp Store. Both are made available/submitted before the Arsenal presentation of BadIntent in Black Hat Las Vegas 2017.

mobilehacktools - A repository for scripting a mobile attack toolchain

  •    Python

This is the mobile security toolchain project. It is loosely based on the MSTG testing tools section (https://github.com/OWASP/owasp-mstg/blob/master/Document/0x08-Testing-Tools.md). The project is in early beta stage. Feel free to contribute! Note that developments are currently slow as the primary focus is now on developing the MSTG.

HolisticInfoSec-For-WebDevelopers-Fascicle2 - :books: IoT :lock: Mobile :books:

  •    

The contents of Fascicle 2 that's a work in progress is listed below, and can be found at the books landing page. If there is something you would like to see included in this fascicle, please submit an issue for consideration.


Digital-Forensics-with-Kali-Linux - Digital Forensics with Kali Linux, published by Packt

  •    

This is the code repository for Digital Forensics with Kali Linux, published by Packt. It contains all the supporting project files necessary to work through the book from start to finish. Kali Linux is a Linux-based distribution used mainly for penetration testing and digital forensics. It has a wide range of tools to help in forensics investigations and incident response mechanisms.