BlueBorne Android Exploit PoC This repository contains a PoC code of BlueBorne’s Android RCE vulnerability (CVE-2017-0781). It also uses the SDP Information leak vulnerability (CVE-2017-0785) to bypass ASLR. It achieves...
Reverse Engineering / Smartphone PenTest
by do son · Published October 17, 2017 · Last modified November 4, 2024
Passionfruit Simple iOS app blackbox assessment tool. Powered by frida.re and vuejs. Features Fully web-based GUI! Only supports jailbroken device now. A non-jailbroken solution is on the way. List all url schemes. Screenshot....
Network PenTest / Smartphone PenTest
by do son · Published October 12, 2017 · Last modified May 1, 2024
cSploit: Android network pentesting suite cSploit is a free/libre and open source (GPLed) Android network analysis and penetration suite which aims to be the most complete and advanced professional toolkit for IT security experts/geeks to...
Evil-Droid Framework Author: Mascerano Bachir Evil-Droid is a framework that creates & generate & embed apk payload to penetrate Android platforms. Legal Disclaimer: The author does not hold any responsibility...
Forensics / Reverse Engineering / Smartphone PenTest
by do son · Published September 10, 2017 · Last modified October 10, 2021
MARA_Framework MARA is a Mobile Application Reverse engineering and Analysis Framework. It is a tool that puts together commonly used mobile application reverse engineering and analysis tools, to assist in...
Metasploit / Network PenTest / Smartphone PenTest
by do son · Published August 24, 2017 · Last modified November 5, 2017
Make metasploit android payload persistent Add AlarmManager Make service restart on destroy How-to just download release version, unpack android.zip under “data” folder of metasploit-framework’s root directory or compile Compile To...
AVPASS AVPASS is a tool for leaking the detection model of Android malware detection systems (i.e., antivirus software), and bypassing their detection logics by using the leaked information coupled with...
Smartphone PenTest / Web Vulnerability Analysis / WebApp PenTest
by do son · Published July 22, 2017 · Last modified August 5, 2017
BadIntent Introduction BadIntent is the missing link between the Burp Suite and the core Android’s IPC/Messaging-system. BadIntent consists of two parts, an Xposed-based module running on Android and a Burp-plugin....
Inspeckage – Android Package Inspector Inspeckage is a tool developed to offer dynamic analysis of Android applications. By applying hooks to functions of the Android API, Inspeckage will help you...
WhatsPwn Linux tool used to extract sensitive data, inject backdoor or drop remote shells on Android devices. There may be some bugs on devices running Android 6.* Marshmallow because of...
Exploitation / Network PenTest / Smartphone PenTest / Web Information Gathering / WebApp PenTest
by do son · Published July 14, 2017 · Last modified November 4, 2024
PySploit Framework free exploit framework written use python language version 3.3 Features Easy to use Free and open source Organizer Easy to develop it Programmed using on of the most...
Reverse Engineering / Smartphone PenTest
by do son · Published July 13, 2017 · Last modified October 10, 2021
Androguard – reverse engineering , Android app malware and good software analysis Android Apk decompiler – Online decompile for Apk and Dex Android files Android loadble kernel module – it is mainly used in the controlled system/simulator on the reverse...
Reverse Engineering / Smartphone PenTest
by do son · Published July 11, 2017 · Last modified August 4, 2017
Androguard – reverse engineering , Android app malware and good software analysis Features Androguard is a full python tool to play with Android files. DEX, ODEX APK Android’s binary xml Android resources Disassemble...
Needle is an open source, modular framework to streamline the process of conducting security assessments of iOS apps. Assessing the security of an iOS application typically requires a plethora of...
Metasploit / Network PenTest / Smartphone PenTest
by do son · Published July 3, 2017 · Last modified November 4, 2024
Armitage is a scriptable red team collaboration tool for Metasploit that visualizes targets, recommends exploits, and exposes the advanced post-exploitation features in the framework. Create payload using metasploit msfvenom -p...
Support Securityonline.info site. Thanks!
