objection - Runtime Mobile Exploration
objection is a runtime mobile exploration toolkit, powered by Frida, built to help you assess the security posture of your mobile applications, without needing a jailbreak. Supports both iOS and Android. Inspect and interact with container file systems. Bypass SSL pinning. Dump keychains. Perform memory related tasks, such as dumping & patching. Explore and manipulate objects on the heap. And much, much more... Screenshots are available in the wiki. Installation is simply a matter of pip3 install objection. This will give you the objection command. You can update an existing objection installation with pip3 install --upgrade objection. For more detailed update and installation instructions, please refer to the wiki page here. objection is licensed under a GNU General Public v3 License. Permissions beyond the scope of this license may be available at http://sensepost.com/contact.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
A data-mining and deep web asset search engine for breach analysis and prevention services.
A tool for extracting static and dynamic features from Android APKs.
Comprehensive manual for mobile app security testing and reverse engineering with technical processes for verifying controls.
A Graphical Realism Framework for Industrial Control Simulation organized as 5 VirtualBox VMs for realistic ICS network simulation.
A comprehensive collection of wordlists for bruteforcing and password cracking, covering various hashing algorithms and sizes.
PLCinject is a tool for injecting and patching blocks on PLCs with a call instruction.
A search engine for the Internet of Things (IoT) that discovers and monitors devices connected to the internet.
Web-based tool for browsing mobile applications sandbox and previewing SQLite databases.
A command line steganography tool that uses LSB technique to hide files within images without visible alteration.
PINNED
Proton Pass is a cross-platform password manager that provides encrypted storage, password generation, and security monitoring features with integrated 2FA and dark web monitoring capabilities.
NordVPN is a commercial VPN service that encrypts internet connections and hides IP addresses through a global network of servers, featuring integrated threat protection and multi-device support.
Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.