darahbiru's repositories
AFLplusplus
The fuzzer afl++ is afl with community patches, qemu 5.1 upgrade, collision-free coverage, enhanced laf-intel & redqueen, AFLfast++ power schedules, MOpt mutators, unicorn_mode, and a lot more!
PayloadsAllTheThings
A list of useful payloads and bypasses for Web Application Security and Pentest/CTF
evilginx2
Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication
owasp-mastg
The Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes the technical processes for verifying the controls listed in the OWASP Mobile Application Security Verification Standard (MASVS).
akabe1-semgrep-rules
My collection of Semgrep rules for vulnerability detection on source code (swift, java)
blutter
Flutter Mobile Application Reverse Engineering Tool
OSX-KVM
Run macOS on QEMU/KVM. With OpenCore + Monterey + Ventura + Sonoma support now! Only commercial (paid) support is available now to avoid spammy issues. No Mac system is required.
iOS_Reverse_Engineering
The iOS IPA file Reverse Engineering reference
RMS-Runtime-Mobile-Security
Runtime Mobile Security (RMS) 📱🔥 - is a powerful web interface that helps you to manipulate Android and iOS Apps at Runtime
usbmuxd
A socket daemon to multiplex connections from and to iOS devices
radare2
UNIX-like reverse engineering framework and command-line toolset
Docker-OSX
Run macOS VM in a Docker! Run near native OSX-KVM in Docker! X11 Forwarding! CI/CD for OS X Security Research! Docker mac Containers.
frida-ios-hook
A tool that helps you easily trace classes and functions, and modify the return values of methods, on the iOS platform
SqliSniper
Advanced Time-based Blind SQL Injection fuzzer for HTTP Headers
Telerecon
A reconnaissance framework for researching and investigating Telegram.
BlackDex
BlackDex is an Android unpacking (dexdump) tool. It supports Android 5.0~12 and does not rely on any environment. BlackDex can run on any Android mobile phone or emulator, and you can unpack an APK file in several seconds.
Loki
Loki - Simple IOC and YARA Scanner
fridump
A universal memory dumper using Frida
uber-apk-signer
A CLI tool that helps with signing and zip aligning single or multiple Android application packages (APKs) with either debug or provided release certificates. It supports the v1, v2 and v3 Android signing schemes, has an embedded debug keystore, and auto-verifies after signing.
HowToHunt
Collection of methodology and test cases for various web vulnerabilities.
ghidra-frida-hook-gen
Frida hook generator for Ghidra
sysreptor
Fully customisable, offensive security reporting solution designed for pentesters, red teamers and other security-related people alike.
Android-Reports-and-Resources
A big list of Android Hackerone disclosed reports and other resources.
grapefruit
(WIP) Runtime Application Instruments for iOS. Previously Passionfruit
zsh-autosuggestions
Fish-like autosuggestions for zsh
Katalina
Katalina is like Unicorn but for Dalvik bytecode. It provides an environment that can execute Android bytecode one instruction at a time.
ARTful
The ARTful library for dynamically modifying the Android Runtime
KUNAI-static-analyzer
Tool aimed to provide a binary analysis of different file formats through the use of an Intermediate Representation.