dipa96

jadx

Dex to Java decompiler

airflow

Apache Airflow - A platform to programmatically author, schedule, and monitor workflows

jsoncrack.com

✨ Innovative and open-source visualization application that transforms various data formats, such as JSON, YAML, XML, CSV and more, into interactive graphs.

owasp-mastg

The Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes the technical processes for verifying the controls listed in the OWASP Mobile Application Security Verification Standard (MASVS).

gef

GEF (GDB Enhanced Features) - a modern experience for GDB with advanced debugging capabilities for exploit devs & reverse engineers on Linux

drozer

The Leading Security Assessment Framework for Android.

NetExec

The Network Execution Tool

OSCE3-Complete-Guide

OSWE, OSEP, OSED, OSEE

inql

InQL is a robust, open-source Burp Suite extension for advanced GraphQL testing, offering intuitive vulnerability detection, customizable scans, and seamless Burp integration.

medusa

Binary instrumentation framework based on FRIDA

jsluice

Extract URLs, paths, secrets, and other interesting bits from JavaScript

clairvoyance

Obtain GraphQL API schema even if the introspection is disabled

InjuredAndroid

A vulnerable Android application that shows simple examples of vulnerabilities in a ctf style.

surf

Escalate your SSRF vulnerabilities on Modern Cloud Environments. `surf` allows you to filter a list of hosts, returning a list of viable SSRF candidates.

page-fetch

Fetch web pages using headless Chrome, storing all fetched resources including JavaScript files. Run arbitrary JavaScript on many web pages and see the returned values

ssl-kill-switch3

Next Generation SSLKillSwitch with much more support!

MobileCTF

体系化、实战化、step by step、目标清晰且具体的一个打怪升级、成长路径规划图

regulator

Automated learning of regexes for DNS discovery

dora

Find exposed API keys based on RegEx and get exploitation methods for some of keys that are found

Awesome-Frida-UI

this tool for beginner , and make easier to use this

semgrep-rules-android-security

A collection of Semgrep rules derived from the OWASP MASTG specifically for Android applications.

rimrafall

npm install could be dangerous

DroidSpy2

Droidspy is Re-Edit By Spymax Android Rat | Now DroidSpy Support Android Version 13

DNS-Analyzer

A Burp Suite extension for finding DNS vulnerabilities in web applications!

deeplink-fuzz.sh

A Bash wrapper for radamsa that can be used to fuzz exported activities and deep links.

android-malware-source-code-analysis

Analysis of Android malware families using available source code.

DVWA

unicoder

gpt-api

The GPT class in this Python script is designed to utilize OpenAI's GPT language model to generate responses based on the provided questions.

mousejiggler

This program is a MouseJiggler for Arduino with ATmega32u4