Thomas Cannon's repositories
android-sms-spoof
PoC app which takes advantage of Android's SmsReceiverService being exported to fake an incoming SMS with no permissions.
android-fde-decryption
Cracking and decrypting Android Full Device Encryption
android-nfc-paycardreader
NFC card reader Android app. Currently reads the german GeldKarte and some credit cards.
sim-ota-updates
Extracting MAC from SIM cards to crack DES OTA key for SIM updates
android-cve-2010-4804
Android Data Stealing Vulnerability
droidsec.github.io
The droidsec web site!
espruino-lightwaverf
LightwaveRF for Espruino
windows-certificate-export
Exporting Non-exportable Certificates from Microsoft Windows
kali-setup
Customise a new Kali setup with preferred tools
arduino-bank-vault
Custom microcontroller powered bank vault as a hacking challenge
owasp-mastg
The Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes the technical processes for verifying the controls listed in the OWASP Mobile Application Security Verification Standard (MASVS).
semgrep-rules-android-security
A collection of Semgrep rules derived from the OWASP MASTG specifically for Android applications.
uber-apk-signer
A cli tool that helps signing and zip aligning single or multiple Android application packages (APKs) with either debug or provided release certificates. It supports v1, v2 and v3 Android signing scheme has an embedded debug keystore and auto verifies after signing.