Scanning APK file for URIs, endpoints & secrets. APKLeaks using jadx disassembler to decompile APK file. If it doesn't exist in your environment, it'll ask you to download.
static-analysis reverse-engineering apk bugbounty android-security mobile-security apk-parser scanning-apkMobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing framework capable of performing static, dynamic and malware analysis. It can be used for effective and fast security analysis of Android, iOS and Windows mobile applications and support both binaries (APK, IPA & APPX ) and zipped source code. MobSF can do dynamic application testing at runtime for Android apps and has Web API fuzzing capabilities powered by CapFuzz, a Web API specific security scanner. MobSF is designed to make your CI/CD or DevSecOps pipeline integration seamless. Your generous donations will keep us motivated.
static-analysis dynamic-analysis mobsf android-security mobile-security windows-mobile-security ios-security mobile-security-framework api-testing web-security malware-analysis runtime-security ci-cd devsecops apk ipaAndroL4b is an android security virtual machine based on ubuntu-mate includes the collection of latest framework, tutorials and labs from different security geeks and researchers for reverse engineering and malware analysis.
mobile-security android malware-analyzer penetration-testing reverse-engineering application-securityStaCoAn is a crossplatform tool which aids developers, bugbounty hunters and ethical hackers performing static code analysis on mobile applications*. This tool was created with a big focus on usability and graphical guidance in the user interface.
bugbounty security security-tools mobile-security static-code-analysisAppMon is an automated framework for monitoring and tampering system API calls of native macOS, iOS and android apps. It is based on Frida. This project exists thanks to all the people who contribute.
android ios-app macos-app security-tools appmon reverse-engineering instrumentation frida mobile-securityBadIntent is the missing link between the Burp Suite and the core Android's IPC/Messaging-system. BadIntent consists of two parts, an Xposed-based module running on Android and a Burp-plugin. Based on this interplay, it is possible to use the Burp's common workflow and all involved tools and extensions, since the intercept and repeater functionality is provided. BadIntent hooks deeply into the Android system, performs various method redirections in Parcels and adds additional services to provide the described features. Most notably, BadIntent works system-wide (experimental) and is not restricted to individual user apps. The most handy approach is to install BadIntent Android from the Xposed Module Repository and BadIntent Burp from the Burp’s BApp Store. Both are made available/submitted before the Arsenal presentation of BadIntent in Black Hat Las Vegas 2017.
android burp-extensions pentesting mobile-securityThis is the mobile security toolchain project. It is loosely based on the MSTG testing tools section (https://github.com/OWASP/owasp-mstg/blob/master/Document/0x08-Testing-Tools.md). The project is in early beta stage. Feel free to contribute! Note that developments are currently slow as the primary focus is now on developing the MSTG.
ios android pentest mobile-security mobile-security-testingThe contents of Fascicle 2 that's a work in progress is listed below, and can be found at the books landing page. If there is something you would like to see included in this fascicle, please submit an issue for consideration.
devops security security-audit security-review security-testing devsecops book hacking iot iot-testing iot-security iot-security-testing threat-modeling infosec mobile mobile-security mobile-security-testing android booksThis is the code repository for Digital Forensics with Kali Linux, published by Packt. It contains all the supporting project files necessary to work through the book from start to finish. Kali Linux is a Linux-based distribution used mainly for penetration testing and digital forensics. It has a wide range of tools to help in forensics investigations and incident response mechanisms.
kali-linux kali-scripts digital-forensics forensics mobile-security hacking brute-force-attacks investigation forensics-investigations penetration-testing pentesting pentest-toolDjango application that performs SAST and Malware Analysis for Android APKs
docker django malware django-rest-framework apk malware-analysis android-security mobile-security virustotal androguard apk-analysis sast code-security defect-dojo mobile-audit
We have large collection of open source products. Follow the tags from
Tag Cloud >>
Open source products are scattered around the web. Please provide information
about the open source projects you own / you use.
Add Projects.