Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
awesome-android-security
https://github.com/Swordfish-Security/awesome-android-security
Last synced: 3 days ago
JSON representation
-
Уязвимые приложения
-
Онлайн анализаторы
- Sieve (Vulnerable ‘Password Manager’ app)
- Sieve app
- Sieve app
- Sieve app
- Sieve app
- Sieve app
- Sieve app
- Sieve app
- Sieve app
- Sieve app
- Sieve app
- Damn insecure and vulnerable App (DIVA)
- Sieve app
- FridaLab
- Santoku Linux - Mobile Security VM
- Sieve app
- Sieve app
- Sieve app
- Sieve app
- Sieve app
- Sieve app
- Sieve app
- Sieve app
- Sieve app
- Sieve app
- ExploitMe labs by SecurityCompass
- Sieve app
- Sieve app
- Sieve app
- Sieve app
- Sieve app
- Sieve app
- Sieve app
- Sieve app
- Sieve app
- Sieve app
- Sieve app
- Sieve app
-
-
CTF
-
Онлайн анализаторы
- Hacker101 CTF: Android Challenge Writeups
- ASIS CTF — ShareL Walkthrough
- Hacker101 CTF: Android Challenge Writeups
- ASIS CTF — ShareL Walkthrough
- r2-pay
- Hacker101 CTF: Android Challenge Writeups
- ASIS CTF — ShareL Walkthrough
- Android App RE
- Hacker101 CTF: Android Challenge Writeups
- writeup 2
- HacktivityCon CTF Mobile 2020
- ASIS CTF — ShareL Walkthrough
- Evil Planner Bsides Challenge
- Hack.Lu's CTF 2011 Reverse Engineering 300
- hpAndro Vulnerable Application Challenges
- Hacker101 CTF: Android Challenge Writeups
- ASIS CTF — ShareL Walkthrough
- Hacker101 CTF: Android Challenge Writeups
- ASIS CTF — ShareL Walkthrough
- Hacker101 CTF: Android Challenge Writeups
- ASIS CTF — ShareL Walkthrough
- Hacker101 CTF: Android Challenge Writeups
- Hacker101 CTF: Android Challenge Writeups
- Crack-Mes
- Hacker101 CTF: Android Challenge Writeups
- Hacker101 CTF: Android Challenge Writeups
- ASIS CTF — ShareL Walkthrough
- Defcon-19-quals: Binary_L33tness
- Hacker101 CTF: Android Challenge Writeups
- ASIS CTF — ShareL Walkthrough
- Walkthrow r2-pay
- Hacker101 CTF: Android Challenge Writeups
- ASIS CTF — ShareL Walkthrough
- Hacker101 CTF: Android Challenge Writeups
- ASIS CTF — ShareL Walkthrough
- Hacker101 CTF: Android Challenge Writeups
- ASIS CTF — ShareL Walkthrough
- PicoCTF-2014: Revenge of the Bleichenbacher
- GreHack-2012 - GrehAndroidMe
- Hacker101 CTF: Android Challenge Writeups
- ASIS CTF — ShareL Walkthrough
- Android Hacking Event 2016: StrangeCalculator
- Android Hacking Event 2016: ReverseMe
- Android Hacking Event 2016: ABunchOfNative
- Android Hacking Event 2016: DynChallenge
- PicoCTF-2014: Pickle Jar - 30
- Hacker101 CTF: Android Challenge Writeups
- Trend Micro CTF 2020
- ASIS CTF — ShareL Walkthrough
- Androidcracking.blogspot.com's Crackme’s: cracker 0
- Androidcracking.blogspot.com's Crackme’s: cracker 1
- Insomnia'hack-2K11
- CSAW-2011: Reversing101
- Hacker101 CTF: Android Challenge Writeups
- ASIS CTF — ShareL Walkthrough
- Android Hacking Event 2017: Token-Generator
- Android Hacking Event 2017: Flag-Validator
- Android Hacking Event 2017: You Can Hide – But You Cannot Run
- Hacker101 CTF: Android Challenge Writeups
- ASIS CTF — ShareL Walkthrough
- Hacker101 CTF: Android Challenge Writeups
- ASIS CTF — ShareL Walkthrough
- Hacker101 CTF: Android Challenge Writeups
- ASIS CTF — ShareL Walkthrough
- Android Hacking Event 2017: Esoteric
- ECHO - Ethical hacker Order
- Android Hacking Event 2017: Why Should I Pay?
- Rednaga Challenges
- Android Hacking Event 2017: AES-Decrypt
-
-
Прохождение CTF
-
En
- writeup 2
- Write-up du CTF Android
- CTF Write-Up: Kryptonite
- DroidCon, SEC-T CTF 2019
- CyberTruck Challenge 2019 — Android CTF
- BSides San Francisco CTF 2017 : flag-receiver-200
- writeup 2
- CTF Write-Up: Kryptonite
- DroidCon, SEC-T CTF 2019
- CyberTruck Challenge 2019 — Android CTF
- Seccon-quals-ctf-2015 - reverse-engineering-android-apk-2
- writeup 2
- CTF Write-Up: Kryptonite
- DroidCon, SEC-T CTF 2019
- CyberTruck Challenge 2019 — Android CTF
- M1Con CTF Write up
- AES decode with Cyberchef
- Trend Micro CTF 2020 — Keybox writeup
- BSides San Francisco CTF 2017 : pinlock-150
- Part 1
- Part 2
- writeup 1
- writeup 2
- Cellebrite 2021 CTF – Investigating Heisenberg’s Android Device
- Cellebrite 2021 CTF – Marsha’s iPhone (FFS and Backup)
- Cellebrite 2021 CTF – Beth’s iPhone
- writeup 1
- CTF Write-Up: Kryptonite
- writeup 2
- HacktivityCon CTF Mobile Writeup
- writeup 1
- DroidCon, SEC-T CTF 2019
- You Shall Not Pass - BSides Canberra 2019
- Part 2
- CTF on a Budget - Magnet User Summit 2019 - Mobile
- H1 202 2018 / H1 202 CTF
- H1-702 CTF (Capture the Flag)
- Hack the Android4: Walkthrough (CTF Challenge)
- Google CTF Quals 2018
- Ilam CTF: Android Reverse WriteUp
- Vol I
- Insomni'hack Teaser 2017 : mindreader-250
- 2017_labyREnth: mob1_ezdroid
- 2017_labyREnth: mob2_routerlocker
- 2017_labyREnth: mob3_showmewhatyougot
- 2017_labyREnth: mob4_androidpan
- 2017_labyREnth: mob5_iotctf
- 2016_labyREnth: mob1_lastchance
- 2016_labyREnth: mob2_cups
- 2016_labyREnth: mob3_watt
- Holiday hack challenge: Part 04d
- Holiday hack challenge: Part 04e
- Holiday hack challenge: Part 04f
- Qiwi-ctf-2014: easydroid
- 31c3-ctf-2014: Nokia 1337
- writeup 2
- CTF Write-Up: Kryptonite
- DroidCon, SEC-T CTF 2019
- CyberTruck Challenge 2019 — Android CTF
- Google-ctf-2016: ill intentions 1
- Hackcon-ctf-2016 - you-cant-see-me-150
- writeup 2
- CTF Write-Up: Kryptonite
- SunshineCTF 2020 write-up
- CyberTruck Challenge 2019 — Android CTF
- Reverse engineering and modifying an Android game (.apk) — CTF
- DroidCon, SEC-T CTF 2019
- Holiday hack challenge: Part 04c
- writeup 2
- CTF Write-Up: Kryptonite
- DroidCon, SEC-T CTF 2019
- CyberTruck Challenge 2019 — Android CTF
- writeup 2
- DroidCon, SEC-T CTF 2019
- CyberTruck Challenge 2019 — Android CTF
- Bsidessf-ctf-2019-mobile-track
- Holiday hack challenge: Part 5
- google-ctf-2016 : little-bobby-application-250
- Pragyan-ctf-2015
- Icectf-2015: Husavik
- writeup 2
- DroidCon, SEC-T CTF 2019
- Opentoall-ctf-2015: android-oh-no
- Qiwi-ctf-2014: stolen-prototype
- writeup 2
- DroidCon, SEC-T CTF 2019
- Cyber Security Challenge 2016: Phishing is not a crime
- writeup 2
- CTF Write-Up: Kryptonite
- Magnet Virtual Summit 2020 CTF (Anroid)
- DFA/CCSC Spring 2020 CTF
- DroidCon, SEC-T CTF 2019
- CyberTruck Challenge 2019 — Android CTF
- 2016_labyREnth: mob6_ogmob
- codegate-ctf-2015: dodocrackme2
- writeup 2
- CTF Write-Up: Kryptonite
- DroidCon, SEC-T CTF 2019
- CyberTruck Challenge 2019 — Android CTF
- writeup 2
- CTF Write-Up: Kryptonite
- DroidCon, SEC-T CTF 2019
- CyberTruck Challenge 2019 — Android CTF
- Seccon-quals-ctf-2015: reverse-engineering-android-apk-1
- writeup 2
- CTF Write-Up: Kryptonite
- DroidCon, SEC-T CTF 2019
- CyberTruck Challenge 2019 — Android CTF
- writeup 2
- CTF Write-Up: Kryptonite
- DroidCon, SEC-T CTF 2019
- CyberTruck Challenge 2019 — Android CTF
- writeup 2
- CTF Write-Up: Kryptonite
- BELKASOFT CTF MAY 2021: WRITE-UP
- DroidCon, SEC-T CTF 2019
- CyberTruck Challenge 2019 — Android CTF
- Vol II
- ASIS 2018 Finals: Gunshop
- Holiday hack challenge: Part 02
- Holiday hack challenge: Part 04a
- Holiday hack challenge: Part 04b
- 0ctf-2016
- Google-ctf-2016
- Cyber-security-challenge-belgium-2016-qualifiers
- Su-ctf-2016 - android-app-100
- Cyber Security Challenge 2016: Dexter
- Trend-micro-ctf-2015: offensive-200
- Polictf 2015: crack-me-if-you-can
- Qiwi-ctf-2014: not-so-one-time
- Fdfpico-ctf-2014: droid-app-80
- Su-ctf-quals-2014: commercial_application
- defkthon-ctf 2014: web-300
- secuinside-ctf-prequal-2014: wooyatalk
- Asis-ctf-finals-2014: numdroid
- PicoCTF-2014: Droid App
- writeup 2
- CTF Write-Up: Kryptonite
- DroidCon, SEC-T CTF 2019
- CyberTruck Challenge 2019 — Android CTF
- 2016_labyREnth: mob4_swip3r
- 2016_labyREnth: mob5_ioga
- CyberTruck Challenge 2019 — Android CTF
- writeup 2
- CTF Write-Up: Kryptonite
- RaziCTF 2020 WriteUp: Chasing a lock
- AppSecIL CTF)
- DroidCon, SEC-T CTF 2019
- Volgactf-quals-2015
- writeup 2
- CTF Write-Up: Kryptonite
- DroidCon, SEC-T CTF 2019
- CyberTruck Challenge 2019 — Android CTF
- NahamCon 2021 Writeups
- CyberSpaceKenya CTF
- writeup 2
- writeup 2
- CTF Write-Up: Kryptonite
- DroidCon, SEC-T CTF 2019
- CyberTruck Challenge 2019 — Android CTF
- Holiday hack challenge: Part 01
- RC3 CTF 2016: My Lil Droid
- 0ctf-2015
- Cyber-security-challenge-2015
- 32c3-ctf-2015: libdroid-150
- TinyCTF 2014: Ooooooh! What does this button do?
- Cellebrite CTF 2021 Writeup
- Rctf-quals-2015
- Insomni-hack-ctf-2015
- NDH2k14-wargames: crackme200-ChunkNorris
- Hack.lu CTF 2013: Robot Plans
- CSAW Quals CTF 2015: Herpderper
-
Ru
-
-
Статьи
-
En
- Firefox: How a website could steal all your cookies
- Hack crypto secrets from heap memory to exploit Android application
- How to use Ghidra to Reverse Engineer Mobile Application
- WhatsApp Bug Bounty: Bypassing biometric authentication using voip
- Intercepting Android Emulator SSL traffic with burp using magisk
- How to use Ghidra to Reverse Engineer Mobile Application
- How to use Ghidra to Reverse Engineer Mobile Application
- Firefox: How a website could steal all your cookies
- Hack crypto secrets from heap memory to exploit Android application
- How to use Ghidra to Reverse Engineer Mobile Application
- WhatsApp Bug Bounty: Bypassing biometric authentication using voip
- Intercepting Android Emulator SSL traffic with burp using magisk
- How to use Ghidra to Reverse Engineer Mobile Application
- Frida. 11x256's Reverse Engineering blog
- How to use Ghidra to Reverse Engineer Mobile Application
- Firefox: How a website could steal all your cookies
- Hack crypto secrets from heap memory to exploit Android application
- How to use Ghidra to Reverse Engineer Mobile Application
- WhatsApp Bug Bounty: Bypassing biometric authentication using voip
- Intercepting Android Emulator SSL traffic with burp using magisk
- How to use Ghidra to Reverse Engineer Mobile Application
- The art of exploiting UAF by Ret2bpf in Android kernel
- A Deep Dive into Privacy Dashboard of Top Android Vendors
- Android Component Security | The Four Horsemen
- Android Awesome Security
- How to use Ghidra to Reverse Engineer Mobile Application
- Tiktok data acquisition Frida tutorial, Frida Java Hook detailed explanation: code and example. Part 1
- Frida Scripting Guide
- Android Hacking with FRIDA
- How to hook Android Native methods with Frida (Noob Friendly)
- Mobile Pentesting With Frida
- Android security checklist: WebView
- Use cryptography in mobile apps the right way
- Why dynamic code loading could be dangerous for your apps: a Google example
- Arbitrary code execution on Facebook for Android through download feature
- Android Webview Exploited
- Exploiting memory corruption vulnerabilities on Android
- Two weeks of securing Samsung devices: Part 1
- Two weeks of securing Samsung devices: Part 2
- 24,000 Android apps expose user data through Firebase blunders
- The wolf is back - Android malware modification
- Modern Security in Android. Part 1
- Modern Security in Android. Part 2
- Modern Security in Android. Part 3
- StrandHogg 2
- Security Testing for Android Cross Platform Application
- Android Applications Reversing 101
- Android WebView Vulnerabilities
- Root Detection Bypass By Manual Code Manipulation.
- GEOST BOTNET - the discovery story of a new Android banking trojan
- AndrODet: An adaptive Android obfuscation detector
- Hands On Mobile API Security
- Zero to Hero - Mobile Application Testing - Android Platform
- Inspecting Android HTTP with a fake VPN
- Outlook for Android XSS
- Mobile Blackhat Asia 2020
- Lockscreen and Authentication Improvements in Android 11
- Firefox: How a website could steal all your cookies
- An iOS hacker tries Android
- Hack crypto secrets from heap memory to exploit Android application
- Reverse engineering Flutter for Android
- Persistant Arbitrary code execution in mattermost android
- Common mistakes when using permissions in Android
- How to use Ghidra to Reverse Engineer Mobile Application
- Android 13 deep dive: Every change up to DP2, thoroughly documented
- When Equal is Not, Another WebView Takeover Story
- Bypassing SSL pinning on Android Flutter Apps with Ghidra
- WhatsApp Bug Bounty: Bypassing biometric authentication using voip
- Intercepting Android Emulator SSL traffic with burp using magisk
- How Android updates work: A peek behind the curtains from an insider
- Tiktok data acquisition Frida tutorial, Frida Java Hook detailed explanation: code and example. Part 2
- Frida. 11x256's Reverse Engineering blog
- Reverse Engineering Nike Run Club Android App Using Frida
- Beginning Frida: Learning Frida use on Linux and (just a bit on) Wintel and Android systems with Python and JavaScript (Frida. hooking, and other tools)
- Подборка дисклозов с HackerOne
- Подробнейшая инструкция по настройке рабочего окружения
- Android Security Workshop
- Android IPC: Part 1 – Introduction
- Android IPC: Part 2 – Binder and Service Manager Perspective
- Aarogya setu spyware analisys
- Android Pentesting Labs - Step by Step guide for beginners
- Firefox: How a website could steal all your cookies
- Hack crypto secrets from heap memory to exploit Android application
- How to use Ghidra to Reverse Engineer Mobile Application
- WhatsApp Bug Bounty: Bypassing biometric authentication using voip
- Intercepting Android Emulator SSL traffic with burp using magisk
- Firefox: How a website could steal all your cookies
- Hack crypto secrets from heap memory to exploit Android application
- How to use Ghidra to Reverse Engineer Mobile Application
- WhatsApp Bug Bounty: Bypassing biometric authentication using voip
- Android Pentesting Labs - Step by Step guide for beginners
- Intercepting Android Emulator SSL traffic with burp using magisk
- Android Pentesting Labs - Step by Step guide for beginners
- Firefox: How a website could steal all your cookies
- Hack crypto secrets from heap memory to exploit Android application
- How I Hacked facebook Again!
- How to use Ghidra to Reverse Engineer Mobile Application
- WhatsApp Bug Bounty: Bypassing biometric authentication using voip
- Intercepting Android Emulator SSL traffic with burp using magisk
- Reversing an Android app Protector, Part 1 – Code Obfuscation & RASP
- Part 2
- TikTok: Logs, Logs, Logs
- TikTok: What is an app log?
- Reversing an Android app Protector, Part 2 – Assets and Code Encryption
- Reversing an Android app Protector, Part 3 – Code Virtualization
- Structured fuzzing Android's NFC
- MMS Exploit Part 1: Introduction to the Samsung Qmage Codec and Remote Attack Surface
- DJI ANDROID GO 4 APPLICATION SECURITY ANALYSIS
- B3nac - Android application exploitation
- Firefox: How a website could steal all your cookies
- Hack crypto secrets from heap memory to exploit Android application
- How to use Ghidra to Reverse Engineer Mobile Application
- WhatsApp Bug Bounty: Bypassing biometric authentication using voip
- Intercepting Android Emulator SSL traffic with burp using magisk
- Reverse Engineering Snapchat (Part II): Deobfuscating the Undeobfuscatable
- Firebase Cloud Messaging Service Takeover
- Android Pentesting Labs - Step by Step guide for beginners
- An Android Hacking Primer
- Firefox: How a website could steal all your cookies
- Hack crypto secrets from heap memory to exploit Android application
- How to use Ghidra to Reverse Engineer Mobile Application
- React Native Application Static Analysis
- WhatsApp Bug Bounty: Bypassing biometric authentication using voip
- Intercepting Android Emulator SSL traffic with burp using magisk
- Firefox: How a website could steal all your cookies
- Hack crypto secrets from heap memory to exploit Android application
- How to use Ghidra to Reverse Engineer Mobile Application
- WhatsApp Bug Bounty: Bypassing biometric authentication using voip
- Intercepting Android Emulator SSL traffic with burp using magisk
- Android Pentesting Labs - Step by Step guide for beginners
- Firefox: How a website could steal all your cookies
- Hack crypto secrets from heap memory to exploit Android application
- Reverse Engineering Snapchat (Part I): Obfuscation Techniques
- How to use Ghidra to Reverse Engineer Mobile Application
- WhatsApp Bug Bounty: Bypassing biometric authentication using voip
- Intercepting Android Emulator SSL traffic with burp using magisk
- SafetyNet’s dreaded hardware attestation
- System hardening in Android 11
- Snapchat detection on Android
- Part 1
- Part 3
- Android Pentesting Labs - Step by Step guide for beginners
- Firefox: How a website could steal all your cookies
- Hack crypto secrets from heap memory to exploit Android application
- How to use Ghidra to Reverse Engineer Mobile Application
- WhatsApp Bug Bounty: Bypassing biometric authentication using voip
- Intercepting Android Emulator SSL traffic with burp using magisk
- Android Pentesting Labs - Step by Step guide for beginners
- Firefox: How a website could steal all your cookies
- Hack crypto secrets from heap memory to exploit Android application
- How to use Ghidra to Reverse Engineer Mobile Application
- WhatsApp Bug Bounty: Bypassing biometric authentication using voip
- Intercepting Android Emulator SSL traffic with burp using magisk
- Android Pentesting Labs - Step by Step guide for beginners
- Firefox: How a website could steal all your cookies
- Hack crypto secrets from heap memory to exploit Android application
- How to use Ghidra to Reverse Engineer Mobile Application
- WhatsApp Bug Bounty: Bypassing biometric authentication using voip
- Intercepting Android Emulator SSL traffic with burp using magisk
- Android Pentesting Labs - Step by Step guide for beginners
- Firefox: How a website could steal all your cookies
- Hack crypto secrets from heap memory to exploit Android application
- How to use Ghidra to Reverse Engineer Mobile Application
- WhatsApp Bug Bounty: Bypassing biometric authentication using voip
- Intercepting Android Emulator SSL traffic with burp using magisk
- Playing Around With The Fuchsia Operating System Security
- Intercepting traffic from Android Flutter applications
- Part 1
- Android Pentesting Labs - Step by Step guide for beginners
- Dive deep into Android Application Security
- Android Malware Adventures
- Bypassing Android Anti-Emulation
- Bypassing Xamarin Certificate Pinning
- Firefox: How a website could steal all your cookies
- Hack crypto secrets from heap memory to exploit Android application
- How to use Ghidra to Reverse Engineer Mobile Application
- WhatsApp Bug Bounty: Bypassing biometric authentication using voip
- Intercepting Android Emulator SSL traffic with burp using magisk
- Firefox: How a website could steal all your cookies
- Hack crypto secrets from heap memory to exploit Android application
- How to use Ghidra to Reverse Engineer Mobile Application
- WhatsApp Bug Bounty: Bypassing biometric authentication using voip
- Intercepting Android Emulator SSL traffic with burp using magisk
- Decrypting Mobile App Traffic using AES Killer and Frida
- OWASP Top 10: Static Analysis of Android Application & Tools Used
- Firefox: How a website could steal all your cookies
- Hack crypto secrets from heap memory to exploit Android application
- Re route Your Intent for Privilege Escalation (A Universal Way to Exploit Android PendingIntents in High profile and System Apps)
- How to use Ghidra to Reverse Engineer Mobile Application
- Pentesting Non-Proxy Aware Mobile Applications Without Root/Jailbreak
- 2 click Remote Code execution in Evernote Android
- WhatsApp Bug Bounty: Bypassing biometric authentication using voip
- Intercepting Android Emulator SSL traffic with burp using magisk
- Firefox: How a website could steal all your cookies
- Hack crypto secrets from heap memory to exploit Android application
- How to use Ghidra to Reverse Engineer Mobile Application
- WhatsApp Bug Bounty: Bypassing biometric authentication using voip
- Intercepting Android Emulator SSL traffic with burp using magisk
- Mobile Security Testing Guide
- How to use Ghidra to Reverse Engineer Mobile Application
- Obfuscated obfuscation. Analysing application under DexGuard
- Decrypting "Secret Calculator Photo Vault"
- How to use Ghidra to Reverse Engineer Mobile Application
- WhatsApp Bug Bounty: Bypassing biometric authentication using voip
- Intercepting Android Emulator SSL traffic with burp using magisk
- Android Pentesting Labs - Step by Step guide for beginners
- Exploiting a Single Instruction Race Condition in Binder
- A Special Attack Surface of the Android System (1): Evil Dialog Box
- Launching Internal & Non-Exported Deeplinks On Facebook
- Reverse engineering Flutter apps (Part 1)
- Instagram_RCE: Code Execution Vulnerability in Instagram App for Android and iOS
- How to use Ghidra to Reverse Engineer Mobile Application
- How to use Ghidra to Reverse Engineer Mobile Application
- Frida scripting guide for Java
- Part 2
- Saying Goodbye to my Favorite 5 Minute P1
- How to use Ghidra to Reverse Engineer Mobile Application
- Firefox: How a website could steal all your cookies
- Hack crypto secrets from heap memory to exploit Android application
- Android Application Testing Using Windows 11 and Windows Subsystem for Android
- Forensic guide to iMessage, WhatsApp, Telegram, Signal and Skype data acquisition
- Malware uses Corporate MDM as attack vector
- Mobexler Checklist
- Ad Fraud Spotted in Barcode Reader Malware Analysis
- Researching Confide Messenger Encryption
- How to use Ghidra to Reverse Engineer Mobile Application
- How to use Ghidra to Reverse Engineer Mobile Application
-
Ru
- Развитие механизмов безопасности Android (от версии к версии)
- Безопасность мобильного OAuth 2.0
- Android Task Hijacking. Разбираем актуальную технику подмены приложений в Android
- Проверили с помощью PVS-Studio исходные коды Android, или никто не идеален
- Подменяем Runtime permissions в Android
- Как root-права и альтернативные прошивки делают ваш android смартфон уязвимым
- Drozer, эмулятор и эльфийские костыли
- Держи свой трафик в тайне. SSL Pinning — ещё раз о том же самом
-
-
Инструменты анализа
-
- QARK - An Obfuscation-Neglect Android Malware Scoring System
- QARK – Quick Android Review Kit
- ADB Toolkit
- MEDUSA
- diffuse
- ApkDiff
- GDA(GJoy Dex Analyzer)
- APK Analyzer – Static and Virtual Analysis Tool
- Droid Hunter – Android application vulnerability analysis and Android pentest tool
- Error Prone – Static Analysis Tool
- Flow Droid – Static Data Flow Tracker
- Smali/Baksmali – Assembler/Disassembler for the dex format
- Vector Attack Scanner – To search vulnerable points to attack
- Gradle Static Analysis Plugin
- Android Check – Static Code analysis plugin for Android Project
- APK Leaks – Scanning APK file for URIs, endpoints & secrets
- fridax
- Tool for Injecting Malicious Payloads Into Barcodes
- Setup for i0S and Android Application Analysis - This is a cheatsheet to install tools required for i0S and Android application pentesting
- ReFlutter
- Lief
- Jeb2Frida
- Objection
- APK Inspector – A Powerful GUI Tool
- Find Security Bugs – A SpotBugs plugin for security audits of Java web applications.
- AES Killer (Burpsuite Plugin)
- Mobile Verification Toolkit
- InjectFakeSecurityProvider - print the key, key size, algorithm parameters, keystore password in logcat
- Frida
- Pithus - free and open-source platform to analyze Android applications
- ProxyDroid
- Smali-CFGs – Smali Control Flow Graph’s
- CuckooDroid 2.0 - Automated Android Malware Analysis
- CheckKarlMarx - Security проверки для релизных сборок
- parserDex
- Thresher – To check heap reachability properties
- APKProxyHelper
- APKLab
- RASE - Persistent Rooting Android Studio Emulator
- EdXposed Framework
- fridroid-unpacker - Defeat Java packers via Frida instrumentation
- Androguard
- AFL - american fuzzy lop
- Amandroid – A Static Analysis Framework
- SPARTA – Static Program Analysis for Reliable Trusted Apps
- MOBEXLER
- Generate Malformed QRCodes
-
Динамический анализ
- Adhrit - Android Security Suite for in-depth reconnaissance and static bytecode analysis based on Ghera benchmarks
- Android Hooker - Opensource project for dynamic analyses of Android applications
- AppAudit - A bare-metal analysis tool on Android devices
- DroidBox - Dynamic analysis of Android applications
- Droid-FF - Android File Fuzzing Framework
- Marvin - Analyzes Android applications and allows tracking of an app
- Inspeckage
- PATDroid - Collection of tools and data structures for analyzing Android applications
- Radare2 - Unix-like reverse engineering framework and commandline tools
- Mobile-Security-Framework MobSF
- Runtime Mobile Security (RMS) - is a powerful web interface that helps you to manipulate Android and iOS Apps at Runtime
- Stingray
- AppAudit - Online tool ( including an API) uses dynamic and static analysis
- AndroL4b - Android security virtual machine based on ubuntu-mate
- Cutter - Free and Open Source RE Platform powered by radare2
- ByteCodeViewer - Android APK Reverse Engineering Suite (Decompiler, Editor, Debugger)
-
Онлайн анализаторы
-
-
Видео
-
Ru
- Как взламывают android-приложения и что после этого бывает (Workshop)
- Android Broadcast - Безопасность Android приложений
- По следам Google I/O 2021: Безопасность и приватность
- Хранение ключей API в нативном коде
- Репозиторий с примерами из видео
- Как прикрутить и отломать SSL pinning. CetificatePinner & NSC vs Reverse Engineer
- Открытая лекция: Основы информационной безопасности для мобильных разработчиков
- Динамический анализ мобильных приложений
- Android Broadcast - Безопасность мобильных приложений
- Вопросы новичков о безопасности Android
-
En
- Securing the System: A Deep Dive into Reversing Android Pre-Installed Apps
- Android App Reverse Engineering Workshop
- Android Code Deobfuscation
- Android Security Symposium 2020. Day 1
- Android Security Symposium 2020. Day 2
- B3nac - Android application exploitation
- Practical security for Android apps
- Modern security for Android Developers
- Modern Android Hacking
- Defending Your Users
- Best practices for making your app private by design
- Android Memory Safety Tools
- The most interesting (and unexpected) submissions to the Android Security Bulletin
- Introducing Play Integrity API: Protect your apps and games
- Mobile App Pentesting
- Easy mobile penetration testing with Brida
- Цикл видосов по Android Reverse Engineering
- Exploiting Android deep links and exported components
- The Worst Mobile Apps
- Learn modding Unity apps and games with Frida
- ANDROID APP SECURITY BASICS
- HACKING ANDROID WebViews
- Слайды Android application exploitation
- Deep Link Route and Validation Bypasses
- Mobile Hacking Workshop
- Forging Golden Hammer Against Android App Protections by Georges-Bastien Michel
- Репозиторий с кодом и слайдами
- Android Exploits 101 Workshop
- The Mobile Sec Special
- Hacking Android Apps with Frida
-
-
Подкасты
Programming Languages
Categories
Sub Categories
Keywords
android
14
reverse-engineering
8
mobile-security
7
malware-analysis
5
security
5
apk
4
frida
4
static-analysis
4
android-security
4
ios
3
dynamic-analysis
3
dex
3
dalvik
3
penetration-testing
3
pentest
2
xposed
2
bytecode
2
smali
2
pentesting
2
bugbounty
2
ios-security
2
mobile
2
vulnerability
2
java
2
binary-analysis
2
forensics
2
pmd
1
open-source
1
novoda
1
gradle-plugin
1
gradle
1
findbugs
1
detekt
1
code-quality
1
lief
1
executable-formats
1
elf
1
art
1
ssl-pinning
1
xamarin
1
variables
1
mono
1
modify
1
just-in-time
1
jit
1
intercept
1
functions
1
arguments
1
aot
1
ahead-of-time
1