Masochist is a framework for creating XNU based rootkits. Very useful in OS X and iOS security research. It can do cool things like: * Public symbol resolution * Process manipulation * System call hijacking Masochist is currently compatible with 64-bit OS X machines (I think). I've only tested this on 10.10. If anyone is brave enough to try it on their system, I would be very grateful. Usage: To use this code, please import these files into your kernel extension project in Xcode. Then, import the headers that you need to use. I recommend this repo as a starting point for your project. It has been configured and is ready to be built inside Xcode. API docs can be found on the Wiki page. Disclaimer: Please don't do anything stupid/illegal with this. This stuff can break your Mac. If you're unsure, run OS X in a VM.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
Tools for working with Android .dex and Java .class files, including dex-reader/writer, d2j-dex2jar, and smali/baksmali.
A cheat sheet for default credentials to aid in penetration testing and vulnerability assessment
A Burp Suite plugin for automatically adding XSS and SQL payload to fuzz
A modified version of Cuckoo Sandbox with enhanced features and capabilities.
A tool to help exploit XXE vulnerabilities by sending a crafted XML file to the server and parsing it to extract the data.
Redexer is a reengineering tool for Android app binaries with features like RefineDroid and Dr. Android.
PINNED

Mandos
Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.