QCSuper QCSuper is a tool communicating with Qualcomm-based phones and modems, allowing to capture raw 2G/3G/4G (and for certain models 5G) radio frames, among other things. It will allow you to generate PCAP captures of it using either...
The Damne Vulnerable Android Components – DVAC Damn Vulnerable Android Components (DVAC) is an educational Android application intentionally designed to expose and demonstrate vulnerabilities related to various Android components such as Activities, Intents, Content...
drozer drozer is a security testing framework for Android. drozer allows you to search for security vulnerabilities in apps and devices by assuming the role of an app and interacting with the Android Runtime,...
APKDeepLens APKDeepLens is a Python-based tool designed to scan Android applications (APK files) for security vulnerabilities. It specifically targets the OWASP Top 10 mobile vulnerabilities, providing an easy and efficient way for developers, penetration...
apk2url apk2url easily extracts URL and IP endpoints from an APK file to a .txt output. This is suitable for information gathering by the red team, penetration testers, and developers to quickly identify endpoints...
MORF – Mobile Reconnaissance Framework Mobile Reconnaissance Framework is a powerful, lightweight, and platform-independent offensive mobile security tool designed to help hackers and developers identify and address sensitive information within mobile applications. It is...
Apepe Apepe is a Python tool developed to help pentesters and red teamers easily get information from the target app. This tool will extract basic pieces of information such as the package name if...
QuadraInspect The security of mobile devices has become a critical concern due to the increasing amount of sensitive data being stored on them. With the rise of Android OS as the most popular mobile...
APKHunt | OWASP MASVS Static Analyzer APKHunt is a comprehensive static code analysis tool for Android apps that is based on the OWASP MASVS framework. Although APKHunt is intended primarily for mobile app developers...
PhoneSploit Pro An All-In-One hacking tool is written in Python to remotely exploit Android devices using ADB (Android Debug Bridge) and Metasploit-Framework. Complete Automation to get a meterpreter session in One Click This tool can automatically Create, Install, and Run payload...
Programming / Smartphone PenTest
by do son · Published October 14, 2022 · Last modified September 24, 2023
What is Tai-e? Tai-e (Chinese: 太阿; pronunciation: [ˈtaɪə:]) is a new static analysis framework for Java (please see our technical report for details), which features arguably the “best” designs from both the novel ones we proposed...
Slicer A tool to automate the recon process on an APK file. Slicer accepts a path to an extracted APK file and then returns all the activities, receivers, and services which are exported and...
AppShark Appshark is a static analysis tool for Android apps. Its goal is to analyze very large apps (Douyin currently has 1.5 million methods). Appshark supports the following features: JSON-based customized scanning rules to...
reFlutter This framework helps with Flutter apps reverse engineering using the patched version of the Flutter library which is already compiled and ready for app repacking. This library has a snapshot deserialization process modified...
FirmWire FirmWire is a full-system baseband firmware analysis platform that supports Samsung and MediaTek. It enables fuzzing, root-cause analysis, and debugging of baseband firmware images. FirmWire is the result of a multi-year, cross-university research...
Support Securityonline.info site. Thanks!
