RiskInDroid is a tool for quantitative risk analysis of Android applications based on machine learning techniques. It uses classification techniques through scikit-learn to generate a numeric risk value between 0 and 100 for a given app. It carries out reverse engineering on the apps to retrieve the bytecode and then infers which permissions are actually used and which not.
FEATURES
ALTERNATIVES
A Python tool for patching Dalvik bytecode in DEX files and assisting in Android application analysis
PLCinject is a tool for injecting and patching blocks on PLCs with a call instruction.
Verify scripts and executables to mitigate chain of supply attacks.
A platform that provides visibility and security monitoring of hardware, firmware, and software components in IT infrastructure to identify supply chain risks and vulnerabilities.
StringSifter is a machine learning tool for automatically ranking strings for malware analysis.
GridPot is a cybersecurity tool that integrates GridLAB-D, Conpot, and libiec61850 to simulate and detect attacks on industrial control systems (ICS).
Repository for apps to be used in Shuffle with compatibility instructions.
GRFICS is a graphical realism framework for industrial control simulations using Unity 3D game engine graphics to enhance ICS security training.
PINNED

InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.

Mandos Brief Newsletter
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Check Point CloudGuard WAF
A cloud-native web application and API security solution that uses contextual AI to protect against known and zero-day threats without signature-based detection.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.

Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.