Android Security

Cybercrime intelligence tools for searching compromised credentials from infostealers

MDM solution for managing and securing company-owned mobile devices

ImmuniWeb MobileSuite is a mobile application penetration testing platform that combines AI-powered automation with manual security testing to assess mobile apps and their backend infrastructure for security vulnerabilities and compliance requirements.

ALEAPP is a Python-based forensic tool for parsing Android logs, events, and protobuf data with both CLI and GUI interfaces.

A comprehensive Android application analysis tool that provides device management, logcat analysis, file examination, and integration with security frameworks like MobSF and JD-GUI.

APKLeaks is a command-line tool that scans Android APK files to identify embedded URIs, endpoints, and secrets for security assessment purposes.

AMDH is a Python3 Android security tool that automates mobile device hardening through malware detection, privacy protection, CIS benchmark compliance, and application security analysis.

InsecureShop is an intentionally vulnerable Android application built in Kotlin for educating developers and security professionals about mobile app vulnerabilities and penetration testing techniques.

An unofficial Python API that enables programmatic searching, browsing, and downloading of Android apps from Google Play Store.

OVAA is an intentionally vulnerable Android application that aggregates common platform security vulnerabilities for educational and security testing purposes.

A repository aiming to archive all Android security presentations and whitepapers from conferences.

Fridump is an open source memory dumping tool that uses the Frida framework to extract accessible memory addresses from iOS, Android, and Windows applications for security testing and analysis.

AFE Android Framework for Exploitation is a framework that provides tools and techniques for exploiting vulnerabilities in Android devices and applications.

A deliberately vulnerable Android application containing multiple security flaws designed for educational purposes and security training.

A security checklist based on OWASP standards that provides comprehensive guidelines for designing, testing, and releasing secure Android applications.

An open-source dynamic analysis framework that intercepts and monitors API calls in Android applications using the Android Substrate framework.

AppMon is a Frida-based automated framework for monitoring and tampering with system API calls across macOS, iOS, and Android applications.

An Android port of the Radamsa fuzzing tool compiled with Android NDK to support Android ABIs for security testing on mobile platforms.

RiskInDroid is a machine learning-based tool that performs quantitative risk analysis of Android applications by reverse engineering bytecode and analyzing permission usage to generate numeric risk scores.

UDcide is an Android malware analysis tool that detects and removes specific malicious behaviors from malware samples while preserving the binary for investigation purposes.

AMExtractor is an Android memory acquisition tool that dumps physical device memory using /dev/kmem without requiring kernel source code.

A security policy enforcement framework for Android applications that uses bytecode rewriting and in-place reference monitoring to inject security controls into APK files.

QARK is a static analysis tool that scans Android applications for security vulnerabilities and can generate proof-of-concept exploits for discovered issues.

Docker file for building Androguard dependencies with an optional interactive shell environment.