Information Security
InjuredAndroid – CTF A vulnerable Android application with ctf examples based on bug bounty findings, exploitation concepts, and pure creativity. Setup for a physical device Download injuredandroid.apk from Github (git clone https://github.com/B3nac/InjuredAndroid) Enable USB...
Mobile Security Framework Mobile Security Framework (MobSF) is an intelligent, all-in-one open source mobile application (Android/iOS/Windows) automated pen-testing framework capable of performing static and dynamic analysis. It can be used for effective and fast...
Obfuscapk – A black-box obfuscation tool for Android apps. Obfuscapk is a modular Python tool for obfuscating Android apps without needing their source code, since apktool is used to decompile the original apk file and to...
APKiD gives you information about how an APK was made. It identifies many compilers, packers, obfuscators, and other weird stuff. It’s PEiD for Android. For more information on what this tool can be used for, check...
sdrtrunk A cross-platform Java application for decoding, monitoring, recording, and streaming trunked mobile and related radio protocols using Software Defined Radios (SDR). SDRtrunk is an integrated application for demodulating radio signals and decoding trunked...
truegaze A static analysis tool for Android and iOS applications focusing on security issues outside the source code such as resource strings, third-party libraries, and configuration files. Structure The application is command line and...
jadx – Dex to Java decompiler Command line and GUI tools for produce Java source code from Android Dex and Apk files Changelog v1.1 Features initial deboxing implementation (#717) (fd7d08c) cli: add options for change...
objection Runtime Mobile Exploration introduction – objection Runtime Mobile Exploration objection is a runtime mobile exploration toolkit, powered by Frida. It was built with the aim of helping assess mobile applications and their security posture without the...
VyAPI – The Modern Cloud-Based Vulnerable Hybrid Android App VyAPI is a vulnerable hybrid Android app that’s vulnerable by design. We call it VyAPI because it’s flaws are pervasive and it communicates not just...
smalien Investigating how an application handles users’ privacy-sensitive information is essential for mobile security researchers to understand the behavior of the application and determine whether it is harmless or malicious. Our information flow analysis...
