Information Security
apkLeaks Scanning APK file for URIs, endpoints & secrets. Changelog v2.5.1 Patch Update Facebook_Secret_Key pattern. Convert inline-flags PCRE style (#48). Installation Linux $ sudo apt-get install libssl-dev swig -y OSX $ brew install openssl swig Windows...
InjuredAndroid – CTF A vulnerable Android application with ctf examples based on bug bounty findings, exploitation concepts, and pure creativity. Changelog v1.0.11 Added flag eighteen! This flag is all about File Providers. The intended...
Ghost Framework Ghost Framework is an Android post-exploitation framework that uses an Android Debug Bridge to remotely access an Android device. Ghost Framework gives you the power and convenience of remote Android device administration....
iPwn A Framework meant for the exploitation of iOS devices. iPwn is a framework meant for exploiting and gaining access to iOS devices. It also has an extension that is a mini-framework called ‘iSteal’...
iblessing iblessing is iOS security exploiting toolkit, it mainly includes application information collection, static analysis, and dynamic analysis. iblessing is based on a unicorn engine and capstone engine. Features 🔥 Cross-platform: Tested on macOS and Ubuntu. iOS App static info extract,...
Allsafe Allsafe is an intentionally vulnerable application that contains various vulnerabilities. Unlike other vulnerable Android apps, this one is less like a CTF and more like a real-life application that uses modern libraries and...
Mobile Security Framework Mobile Security Framework (MobSF) is an intelligent, all-in-one open source mobile application (Android/iOS/Windows) automated pen-testing framework capable of performing static and dynamic analysis. It can be used for effective and fast...
apk-medit Apk-medit is a memory search and patch tool for debuggable apk without root & ndk. It was created for mobile game security testing. Motivation Memory modification is the easiest way to cheat in...
truegaze A static analysis tool for Android and iOS applications focusing on security issues outside the source code such as resource strings, third-party libraries, and configuration files. Structure The application is command line and...
objection Runtime Mobile Exploration introduction – objection Runtime Mobile Exploration objection is a runtime mobile exploration toolkit, powered by Frida. It was built with the aim of helping assess mobile applications and their security posture without the...
Suggested Reading