Loading...
ReFlutter is a free Mobile App Security tool. Security professionals most commonly compare it with ImmuniWeb® MobileSuite, . All 112 alternatives are matched by shared capabilities, tags, and NIST CSF 2.0 coverage.
A closer look at the 8 most relevant alternatives and competitors to ReFlutter, including their key features and shared capabilities.
ImmuniWeb MobileSuite is a mobile application penetration testing platform that combines AI-powered automation with manual security testing to assess mobile apps and their backend infrastructure for security vulnerabilities and compliance requirements.
Shares 3 capabilities with ReFlutter: IOS, Dynamic Analysis, Android Security
Training course for Android and iOS mobile app security testing and exploitation
Shares 3 capabilities with ReFlutter: Reverse Engineering, IOS, Android Security
Mobile app security testing platform for Android and iOS applications
Shares 3 capabilities with ReFlutter: IOS, Dynamic Analysis, Android Security
Mobile app security solution protecting against reverse engineering & attacks
Shares 3 capabilities with ReFlutter: Reverse Engineering, IOS, Android Security
Runtime app protection for iOS & Android against tampering & malware
Shares 3 capabilities with ReFlutter: Reverse Engineering, IOS, Android Security
Mobile app risk management platform with static & dynamic analysis.
Shares 3 capabilities with ReFlutter: IOS, Dynamic Analysis, Android Security
A comprehensive Android application analysis tool that provides device management, logcat analysis, file examination, and integration with security frameworks like MobSF and JD-GUI.
Shares 3 capabilities with ReFlutter: Reverse Engineering, Dynamic Analysis, Android Security
Inspeckage is a dynamic analysis tool for Android applications that provides runtime behavior monitoring through API hooking and real-time system interaction tracking.
Shares 3 capabilities with ReFlutter: Reverse Engineering, Dynamic Analysis, Android Security
ImmuniWeb MobileSuite is a mobile application penetration testing platform that combines AI-powered automation with manual security testing to assess mobile apps and their backend infrastructure for security vulnerabilities and compliance requirements.
Training course for Android and iOS mobile app security testing and exploitation
Mobile app security testing platform for Android and iOS applications
Mobile app security solution protecting against reverse engineering & attacks
Runtime app protection for iOS & Android against tampering & malware
A comprehensive Android application analysis tool that provides device management, logcat analysis, file examination, and integration with security frameworks like MobSF and JD-GUI.
Inspeckage is a dynamic analysis tool for Android applications that provides runtime behavior monitoring through API hooking and real-time system interaction tracking.
A web-based Android application dynamic analysis tool that provides real-time Frida instrumentation capabilities through a Flask interface with modular JavaScript hooking support.
AppMon is a Frida-based automated framework for monitoring and tampering with system API calls across macOS, iOS, and Android applications.
Mobile security testing platform for Android and iOS apps with SAST and DAST
Mobile app security testing platform for Android and iOS apps
Android app protection tool with obfuscation, encryption, and RASP
Server-side mobile app attestation verifying app integrity and API access
Risk assessment platform for third-party mobile apps in enterprise networks
Mobile app security testing platform for identifying data security risks
Codeless mobile app protection platform for Android and iOS applications
C# obfuscation & encryption tool for .NET, MAUI, and Xamarin apps
AI-powered mobile app security platform with device binding and threat detection
Android app dynamic behavior analysis system using sandbox technology.
Runtime RASP platform securing Android & iOS apps with no-code deployment.
An open-source dynamic analysis framework that intercepts and monitors API calls in Android applications using the Android Substrate framework.
A modular Python tool that obfuscates Android applications by manipulating decompiled smali code, resources, and manifest files without requiring source code access.
RiskInDroid is a machine learning-based tool that performs quantitative risk analysis of Android applications by reverse engineering bytecode and analyzing permission usage to generate numeric risk scores.
iOS Reverse Engineering Toolkit for automating common tasks in iOS penetration testing.
A tool for extracting static and dynamic features from Android APKs.
Docker file for building Androguard dependencies with an optional interactive shell environment.
CuckooDroid extends Cuckoo Sandbox to provide automated dynamic analysis of Android applications in a controlled sandbox environment.
DroidBox is a dynamic analysis framework for Android applications that monitors runtime behavior, network activity, file operations, and security events while generating behavioral visualizations.
Redexer is a reengineering tool that parses, analyzes, and modifies Android DEX files for binary manipulation and permission analysis.
Andromeda makes reverse engineering of Android applications faster and easier.
Android security virtual machine with updated tools and frameworks for reverse engineering and malware analysis.
An Emacs major mode that provides syntax highlighting and enhanced readability for smali code files used in Android malware analysis.
MARA is a Mobile Application Reverse engineering and Analysis Framework with various features for testing mobile applications against OWASP mobile security threats.
AI-enhanced mobile app security scanner for Android & iOS with SAST/DAST
Mobile app security testing and runtime protection platform
Mobile app security testing combining vuln assessment, pentesting & forensics
Android app security validation service for Google Play MASA certification
Automated mobile app security testing platform for iOS and Android apps
Mobile app security platform for DevSecOps teams across app lifecycle
JavaScript obfuscation tool for protecting code from reverse engineering
Mobile app shielding and in-app protection for mobile applications
Mobile app security audit covering code review, DAST, SAST, and pentesting.
Binary-level firmware protection for embedded systems, no source code needed.
App hardening platform with RASP, obfuscation, and threat monitoring.
APKLeaks is a command-line tool that scans Android APK files to identify embedded URIs, endpoints, and secrets for security assessment purposes.
APKiD is a tool that identifies compilers, packers, obfuscators, and other weird stuff in APK files.
A Java-based API tool for programmatically searching and downloading Android applications from Google Play Store with Galaxy S3 device compatibility.
AndroBugs Framework is an Android vulnerability analysis system that scans mobile applications for security vulnerabilities, missing best practices, and dangerous shell commands.
Integrates static APK analysis with Yara and requires re-compilation of Yara with the androguard module.
A command-line Android APK vulnerability analyzer written in Rust that decompresses and scans APK files using rule-based detection to identify security issues.
A tool for translating Dalvik bytecode to equivalent Java bytecode, allowing Java analysis tools to analyze Android applications.
A full python tool for analyzing Android files with various functionalities.
A security checklist based on OWASP standards that provides comprehensive guidelines for designing, testing, and releasing secure Android applications.
Python wrapper for Android APK decompilation with various converter and decompiler options.
idb is a tool that simplifies iOS penetration testing and security research tasks, available in both command line and GUI versions.
CFGScanDroid is a Java utility that compares control flow graph signatures to Android method control flow graphs for malicious application detection.
ELFcrypt encrypts ELF binaries with obfuscation and anti-debugging features to protect against reverse engineering.
A command-line tool for downloading Android APK files from the Appland platform via npm installation.
An unofficial Python API that enables programmatic searching, browsing, and downloading of Android apps from Google Play Store.
A standalone binary inspection tool for Android developers with support for various formats and dependencies.
A Python tool for patching Dalvik bytecode in DEX files and assisting in Android application analysis
A tool for translating Dalvik bytecode to Java bytecode for analyzing Android applications.
A deliberately vulnerable Android application containing multiple security flaws designed for educational purposes and security training.
QARK is a static analysis tool that scans Android applications for security vulnerabilities and can generate proof-of-concept exploits for discovered issues.
DVHMA is an intentionally vulnerable Android hybrid mobile app built with Apache Cordova for security testing and educational purposes.
One stop shop for decompiling Android apps with a focus on regenerating R references.
Androwarn performs static analysis of Android applications using Dalvik bytecode examination to detect and report potentially malicious behaviors.
Mobile Audit is a Docker-based SAST and malware analysis tool that performs comprehensive security analysis of Android APK files, including vulnerability detection, certificate verification, and Virus Total integration.
drozer is an open source Android security testing framework that identifies vulnerabilities in mobile apps and devices through Android Runtime and IPC endpoint interaction.
Needle is a discontinued open source modular framework for iOS application security assessments that was compatible with iOS 9 and iOS 10 before being replaced by Objection.
InsecureShop is an intentionally vulnerable Android application built in Kotlin for educating developers and security professionals about mobile app vulnerabilities and penetration testing techniques.
Tools for working with Android .dex and Java .class files, including dex-reader/writer, d2j-dex2jar, and smali/baksmali.
Innovative tool for mobile security researchers to analyze targets with static and dynamic analysis capabilities and sharing functionalities.
Runtime mobile exploration toolkit powered by Frida for assessing mobile app security without jailbreak.
Automates the process of preparing Android APK files for HTTPS inspection
A security policy enforcement framework for Android applications that uses bytecode rewriting and in-place reference monitoring to inject security controls into APK files.
FSquaDRA detects repackaged Android applications by computing Jaccard similarity over file digests within APK packages using pre-computed signing digests for improved performance.
StaDynA is a system supporting security app analysis in the presence of dynamic code update features.
Cloud-based service for testing and analyzing Android and iOS apps for malware, vulnerabilities, and security threats.
A tool for dynamic analysis of mobile applications in a controlled environment.
A VM for mobile application security testing, Android and iOS applications, with custom-made tools and scripts.
Unified mobile app security platform with SAST, DAST, and API testing
AI-powered mobile app security platform with SAST, DAST, and API testing
Mobile app risk management platform for data security and privacy testing
Agentic AI platform that automates 400+ security defenses into Android and iOS mobile
Mobile app security platform for enterprises across multiple industries
RASP solution securing mobile apps and APIs across Android, iOS, and HarmonyOS at runtime.
Mobile app threat intelligence platform with cloud-based detection & response
AI-driven mobile app hardening with cryptographic individualization
Mobile app SSL certificate pinning solution with dynamic configuration
Korean cybersecurity firm offering mobile, network, app, and DB security products.
Ad ecosystem security platform blocking malvertising, redirects & mobile threats.
Web-based tool for browsing mobile applications sandbox and previewing SQLite databases.
Code to prevent a managed .NET debugger/profiler from working.
OpenRASP is a runtime application self-protection solution that integrates into application servers to monitor and block threats in real-time using context-aware instrumentation.
A lightweight library for device identification and fingerprinting, written in Kotlin and 100% crash-free.
Runtime Mobile Security (RMS) is a powerful web interface powered by FRIDA for manipulating Android and iOS Apps at Runtime.
House: A runtime mobile application analysis toolkit with a Web GUI, powered by Frida, written in Python.
Linux Virtual Machine for Mobile Application Pentesting and Mobile Malware Analysis with various tools and resources.
XGuardian XARA Security Scanner for OSX with URL scheme, Bundle ID, and keychain hijack checks.
App-Ray offers comprehensive security analysis and compliance solutions for mobile applications.
A command-line utility for examining Objective-C runtime information in Mach-O files and generating class declarations.
An open-source tool for detecting and analyzing Android apps' vulnerabilities and security issues.
Common questions security professionals ask when evaluating alternatives and competitors to ReFlutter.
The most popular alternatives to ReFlutter include ImmuniWeb® MobileSuite, Attify Mobile Application Exploitation, Codified Security Platform, OneSpan Product, and Promon Shield for Mobile™. These Mobile App Security tools offer similar capabilities and are frequently compared by security professionals evaluating their options.
