Mobile Security

A web-based Android application dynamic analysis tool that provides real-time Frida instrumentation capabilities through a Flask interface with modular JavaScript hooking support.

House: A runtime mobile application analysis toolkit with a Web GUI, powered by Frida, written in Python.

XDR platform with EDR, NGAV, MDR, threat hunting, and incident response

A command-line tool for extracting data from iOS mobile device backups created by iTunes on macOS systems.

Comprehensive manual for mobile app security testing and reverse engineering with technical processes for verifying controls.

iOS application for testing iOS penetration testing skills in a legal environment.

Mobile Audit is a Docker-based SAST and malware analysis tool that performs comprehensive security analysis of Android APK files, including vulnerability detection, certificate verification, and Virus Total integration.

A digital forensics tool that extracts and exports location database contents from iOS and macOS devices in KML or CSV formats.

A forensic toolkit for analyzing Android and iOS devices to detect potential spyware infections and security compromises using indicators of compromise.

Web-based tool for browsing mobile applications sandbox and previewing SQLite databases.

Argus-SAF is a static analysis framework for security vetting Android applications.

An Android-based self-defense application against forensic imaging tools like Cellebrite UFED.

A behavior-based malware detection system for Android platforms that uses crowdsourcing to detect anomalies and malware in applications.

CFGScanDroid is a Java utility that compares control flow graph signatures to Android method control flow graphs for malicious application detection.

A lightweight library for device identification and fingerprinting, written in Kotlin and 100% crash-free.

ConDroid is a concolic execution framework for Android applications that automates dynamic analysis by driving execution to specific code locations without manual interaction.

A collection of security reports and resources documenting various Android application vulnerabilities including hardcoded credentials, insecure deeplinks, and code execution flaws.

Redexer is a reengineering tool that parses, analyzes, and modifies Android DEX files for binary manipulation and permission analysis.

Innovative tool for mobile security researchers to analyze targets with static and dynamic analysis capabilities and sharing functionalities.

ReFlutter is a reverse engineering framework that uses patched Flutter libraries to enable dynamic analysis and traffic monitoring of Flutter mobile applications on Android and iOS platforms.

A command-line Android APK vulnerability analyzer written in Rust that decompresses and scans APK files using rule-based detection to identify security issues.

XGuardian XARA Security Scanner for OSX with URL scheme, Bundle ID, and keychain hijack checks.

A Java-based API tool for programmatically searching and downloading Android applications from Google Play Store with Galaxy S3 device compatibility.

DroidBox is a dynamic analysis framework for Android applications that monitors runtime behavior, network activity, file operations, and security events while generating behavioral visualizations.