Information Security
truegaze A static analysis tool for Android and iOS applications focusing on security issues outside the source code such as resource strings, third-party libraries, and configuration files. Structure The application is command line and...
objection Runtime Mobile Exploration introduction – objection Runtime Mobile Exploration objection is a runtime mobile exploration toolkit, powered by Frida. It was built with the aim of helping assess mobile applications and their security posture without the...
iblessing iblessing is iOS security exploiting toolkit, it mainly includes application information collection, static analysis, and dynamic analysis. iblessing is based on a unicorn engine and capstone engine. Features 🔥 Cross-platform: Tested on macOS and Ubuntu. iOS App static info extract,...
Mobile Security Framework Mobile Security Framework (MobSF) is an intelligent, all-in-one open source mobile application (Android/iOS/Windows) automated pen-testing framework capable of performing static and dynamic analysis. It can be used for effective and fast...
apkLeaks Scanning APK file for URIs, endpoints & secrets. Installation Linux $ sudo apt-get install libssl-dev swig -y OSX $ brew install openssl swig Windows You need to install: OpenSSL, and swig-win. To install apkLeaks,...
UnSAFE Bank UnSAFE Bank is a core virtual banking suite designed with the aim to incorporate the cybersecurity risks and various test cases such that newbie, developers, and security analysts can learn, hack and...
Allsafe Allsafe is an intentionally vulnerable application that contains various vulnerabilities. Unlike other vulnerable Android apps, this one is less like a CTF and more like a real-life application that uses modern libraries and...
APKiD gives you information about how an APK was made. It identifies many compilers, packers, obfuscators, and other weird stuff. It’s PEiD for Android. For more information on what this tool can be used for, check...
Damn Vulnerable Bank Damn Vulnerable Bank Android Application aims to provide an interface for everyone to get a detailed understanding of the internal and security aspects of android applications. Features Sign up Login My...
AndroGoat AndroGoat is purposely developed an open-source vulnerable/insecure app using Kotlin. Security Testers/Professionals/Enthusiasts, Developers…etc. can use this application to understand and defend the vulnerabilities in the Android platform. This is the first vulnerable app...
Suggested Reading