Information Security
apk-mitm A CLI application that automatically prepares Android APK files for HTTPS inspection Inspecting a mobile app’s HTTPS traffic using a proxy is probably the easiest way to figure out how it works. However,...
Recaf Recaf is an open-source Java bytecode editor based on Objectweb’s ASM. ASM is a library that abstracts away the constant pool and class-file attributes. Since keeping track of the constant pool or managing proper...
replica Ghidra Analysis Enhancer ✨Features ⚡ Disassemble missed instructions – Define code that Ghidra’s auto analysis missed ⚡ Detect and fix missed functions – Define functions that Ghidra’s auto analysis missed ⚡ Fix ‘undefinedN’ datatypes – Enhance...
iblessing iblessing is iOS security exploiting toolkit, it mainly includes application information collection, static analysis, and dynamic analysis. iblessing is based on a unicorn engine and capstone engine. Features 🔥 Cross-platform: Tested on macOS and Ubuntu. iOS App static info extract,...
capa capa detects capabilities in executable files. You run it against a PE file or shellcode and it tells you what it thinks the program can do. For example, it might suggest that the...
PHP Fuzzer This library implements a fuzzer for PHP, which can be used to find bugs in libraries (particularly parsing libraries) by feeding them “random” inputs. Feedback from edge coverage instrumentation is used to guide the...
Dragon Dance Dragon Dance is a plugin for Ghidra to get visualize and manipulate the binary code coverage data. Coverage data can be imported from multiple coverage sources. For now, the plugin supports Dynamorio and...
Dr. Memory: the memory debugger Dr. Memory is a memory monitoring tool capable of identifying memory-related programming errors such as accesses of uninitialized memory, accesses to unaddressable memory (including outside of allocated heap units...
CocoaDebug – iOS Debugging Tool Feature Shake to hide or show the black bubble. (support both device and simulator) Long press the black bubble to show UIDebuggingInformationOverlay. (Apple’s Private API, support iOS 10/11/12) Application memory...
GDA(GJoy Dex Analysizer) Most reverse engineers mainly use Java decompiler, commercial Dalvik decompiler Jeb and smali2java to analyze Android APPs. Java decompiler is based on Java bytecode, including JD, JD-GUI, jadx, and others. smali2java...
Suggested Reading