There are 7 repositories under mobile-pentest topic.
Android Penetration Testing setup tool. Garuda automates the installation of the required tools to perform Android Security Analysis.
Droz_scan is a automated script, that runs all the queries of drozer in a single run
This write-up will provide detailed description on how to bypass Guided Access mode on Apple iPhones.
Uncover usage of insecure functions, implementation of weak cryptography, encryption status, and the presence of security features like Position Independent Executable (PIE), Stack Canaries, and Automatic Reference Counting (ARC) in iOS Applications Binaries.
Android App Security Checklist
The MPT (Mobile Pentest Toolkit) is a must-have solution for your android penetration testing workflow.
A collection of android security related resources
Um pequeno setup para pentest em aplicações mobile.
OSX and iOS related security tools
Mobile Application Penetration Testing checklist including iOS and Android
frick - aka the first debugger built on top of frida - is a kick ass frida cli for reverse engineer inspired by the epic GDB init gef by @hugsy.
Read a plist file, write out any embedded plist files
Bypass SSL certificate pinning for most applications
Android Application Identifier for Packers, Protectors, Obfuscators and Oddities - PEiD for Android
A pattern based Dalvik deobfuscator which uses limited execution to improve semantic analysis
Android application vulnerability analysis and Android pentest tool
Python tool that generates an Xmind map with all the information gathered and any evidence of possible vulnerabilities identified via static analysis. The map itself is an Android Application Pentesting Methodology component, which assists Pentesters to cover all important areas during an assessment.
A library to use Xposed without root or recovery(or modify system image etc..).
Instruments to assist in binary application reversing and augmentation, geared towards walled gardens like iOS and macOS
Mobile Security Framework is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing framework capable of performing static analysis, dynamic analysis, malware analysis and web API testing.
Blackbox tool to disable SSL certificate validation - including certificate pinning - within iOS and OS X Apps
Easy SSL pinning validation and reporting for Android.