MARA is a Mobile Application Reverse engineering and Analysis Framework that combines commonly used tools for testing mobile applications against OWASP mobile security threats. It supports features like APK reverse engineering, disassembling Dalvik bytecode, decompiling APK to Java source code, APK deobfuscation, APK analysis, and more. Developed and maintained by @xtian_kisutsa and @iamckn, MARA is in its early stages of development with ongoing updates based on the roadmap.
FEATURES
SIMILAR TOOLS
Python tool for monitoring user-select APIs in Android apps using Frida.
A hardware security validation toolkit for x86 platforms that provides bootable tools for checking platform configuration registers and managing SecureBoot keys.
Web-based tool for browsing mobile applications sandbox and previewing SQLite databases.
A command line steganography tool that uses LSB technique to hide files within images without visible alteration.
Semi-tethered jailbreak for iPhone 5s to iPhone X, running iOS 12.0 and up, using the 'checkm8' bootrom exploit.
A platform for creating and managing fake phishing campaigns to raise awareness and train users to identify suspicious emails.
An industrial control system testing tool that enables security researchers to enumerate SCADA controllers, read register values, and modify register data across different testing modes.
A data-mining and deep web asset search engine for breach analysis and prevention services.
Hashcat is a fast and advanced password recovery utility that supports various attack modes and hashing algorithms, and is open-source and community-driven.
PINNED

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.