Category: Reverse Engineering
APK Lab The ultimate Android RE experience right inside your VS Code. APKLab seamlessly integrates the best open-source tools: Apktool, Jadx, uber-apk-signer, and more to the excellent VS Code so...
UAFuzz: Binary-level Directed Fuzzing for Use-After-Free Vulnerabilities Directed Greybox Fuzzing (DGF) like AFLGo aims to perform stress testing on pre-selected potentially vulnerable target locations, with applications to different security contexts: (1) bug...
NFCGate NFCGate is an Android application meant to capture, analyze, or modify NFC traffic. It can be used as a researching tool to reverse engineer protocols or assess the security...
apkLeaks Scanning APK file for URIs, endpoints & secrets. Changelog v2.6.1 Patch Remove trailing comma (hotfix #52) Installation Linux $ sudo apt-get install libssl-dev swig -y OSX $ brew install openssl...
apk-medit Apk-medit is a memory search and patch tool for debuggable apk without root & ndk. It was created for mobile game security testing. Motivation Memory modification is the easiest...
binbloom The purpose of this project is to analyze raw binary firmware and determine automatically some of its features. This tool is compatible with all architectures as basically, it just...
Oregami IDA plugins and scripts for analyzing register usage frame Use as script Besides being used as plugins, oregami can be used also to write your own scripts! For this,...
replica Ghidra Analysis Enhancer ✨Features ⚡ Disassemble missed instructions – Define code that Ghidra’s auto analysis missed ⚡ Detect and fix missed functions – Define functions that Ghidra’s auto analysis missed ⚡ Fix...
Dragon Dance Dragon Dance is a plugin for Ghidra to visualize and manipulate binary code coverage data. Coverage data can be imported from multiple coverage sources. For now, the...
grap: define and match graph patterns within binaries grap takes patterns and binary files, uses a Capstone-based disassembler to obtain the control flow graphs from the binaries, then matches the...
VMPDump A dynamic VMP dumper and import fixer, powered by VTIL. Works for VMProtect 3.X x64. How It Works VMProtect injects stubs for every import call or jmp. These stubs...
FLUFFI FLUFFI (Fully Localized Utility For Fuzzing Instantaneously) is a distributed feedback-based evolutionary fuzzer developed by Siemens STT (formerly CSA) designed specifically for the SIEMENS environment. “Designed specifically for the...
Polypyus Firmware Historian Polypyus learns to locate functions in raw binaries by extracting known functions from similar binaries. Thus, it is a firmware historian. Polypyus works without disassembling these binaries, which is an...
Telemetry Sourcerer Telemetry Sourcerer can enumerate and disable common sources of telemetry used by AV/EDR on Windows. Red teamers and security enthusiasts can use this tool in a lab environment...
ret-sync ret-sync stands for Reverse-Engineering Tools SYNChronization. It is a set of plugins that help to synchronize a debugging session (WinDbg/GDB/LLDB/OllyDbg/OllyDbg2/x64dbg) with a disassembler (IDA/Ghidra). The underlying idea is simple: take...