Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/hahwul/MobileHackersWeapons
Mobile Hacker's Weapons / A collection of cool tools used by Mobile hackers. Happy hacking , Happy bug-hunting
https://github.com/hahwul/MobileHackersWeapons
List: MobileHackersWeapons
android awesome-list bugbounty bugbountytips hacking ios mobilehacks scanner security tools
Last synced: 3 months ago
JSON representation
Mobile Hacker's Weapons / A collection of cool tools used by Mobile hackers. Happy hacking , Happy bug-hunting
- Host: GitHub
- URL: https://github.com/hahwul/MobileHackersWeapons
- Owner: hahwul
- License: mit
- Created: 2021-01-12T16:03:41.000Z (almost 4 years ago)
- Default Branch: main
- Last Pushed: 2024-04-19T12:16:03.000Z (7 months ago)
- Last Synced: 2024-05-02T06:06:41.397Z (6 months ago)
- Topics: android, awesome-list, bugbounty, bugbountytips, hacking, ios, mobilehacks, scanner, security, tools
- Language: Go
- Homepage:
- Size: 1.5 MB
- Stars: 641
- Watchers: 43
- Forks: 117
- Open Issues: 3
-
Metadata Files:
- Readme: README.md
- Contributing: CONTRIBUTING.md
- Funding: .github/FUNDING.yml
- License: LICENSE
- Code of conduct: CODE_OF_CONDUCT.md
Awesome Lists containing this project
- awesome-hacking-lists - hahwul/MobileHackersWeapons - Mobile Hacker's Weapons / A collection of cool tools used by Mobile hackers. Happy hacking , Happy bug-hunting (Go)
- ultimate-awesome - MobileHackersWeapons - Mobile Hacker's Weapons / A collection of cool tools used by Mobile hackers. Happy hacking , Happy bug-hunting. (Other Lists / PowerShell Lists)
README
A collection of cool tools used by Mobile hackers. Happy hacking , Happy bug-hunting## Family project
[![WebHackersWeapons](https://img.shields.io/github/stars/hahwul/WebHackersWeapons?label=WebHackersWeapons)](https://github.com/hahwul/WebHackersWeapons)
[![MobileHackersWeapons](https://img.shields.io/github/stars/hahwul/MobileHackersWeapons?label=MobileHackersWeapons)](https://github.com/hahwul/MobileHackersWeapons)## Table of Contents
- [Weapons](#weapons)
- [Contribute](/CONTRIBUTING.md)
- [Thanks to contributor](#thanks-to-contributor)## Weapons
| OS | Type | Name | Description | Popularity | Language |
| ---------- | :---------- | :---------- | :----------: | :----------: | :----------: |
| All | Analysis | [RMS-Runtime-Mobile-Security](https://github.com/m0bilesecurity/RMS-Runtime-Mobile-Security) | Runtime Mobile Security (RMS) 📱🔥 - is a powerful web interface that helps you to manipulate Android and iOS Apps at Runtime | ![](https://img.shields.io/github/stars/m0bilesecurity/RMS-Runtime-Mobile-Security) | ![](https://img.shields.io/github/languages/top/m0bilesecurity/RMS-Runtime-Mobile-Security) |
| All | Analysis | [flipper](https://github.com/facebook/flipper) | A desktop debugging platform for mobile developers. | ![](https://img.shields.io/github/stars/facebook/flipper) | ![](https://img.shields.io/github/languages/top/facebook/flipper) |
| All | Analysis | [scrounger](https://github.com/nettitude/scrounger) | Mobile application testing toolkit | ![](https://img.shields.io/github/stars/nettitude/scrounger) | ![](https://img.shields.io/github/languages/top/nettitude/scrounger) |
| All | Pentest | [metasploit-framework](https://github.com/rapid7/metasploit-framework) | Metasploit Framework | ![](https://img.shields.io/github/stars/rapid7/metasploit-framework) | ![](https://img.shields.io/github/languages/top/rapid7/metasploit-framework) |
| All | Proxy | [BurpSuite](https://portswigger.net/burp) | The BurpSuite|![](https://img.shields.io/static/v1?label=&message=it's%20not%20github&color=gray)|![](https://img.shields.io/static/v1?label=&message=it's%20not%20github&color=gray)
| All | Proxy | [hetty](https://github.com/dstotijn/hetty) | Hetty is an HTTP toolkit for security research. | ![](https://img.shields.io/github/stars/dstotijn/hetty) | ![](https://img.shields.io/github/languages/top/dstotijn/hetty) |
| All | Proxy | [httptoolkit](https://github.com/httptoolkit/httptoolkit) | HTTP Toolkit is a beautiful & open-source tool for debugging, testing and building with HTTP(S) on Windows, Linux & Mac | ![](https://img.shields.io/github/stars/httptoolkit/httptoolkit) | ![](https://img.shields.io/github/languages/top/httptoolkit/httptoolkit) |
| All | Proxy | [proxify](https://github.com/projectdiscovery/proxify) | Swiss Army knife Proxy tool for HTTP/HTTPS traffic capture, manipulation, and replay on the go. | ![](https://img.shields.io/github/stars/projectdiscovery/proxify) | ![](https://img.shields.io/github/languages/top/projectdiscovery/proxify) |
| All | Proxy | [zaproxy](https://github.com/zaproxy/zaproxy) | The OWASP ZAP core project | ![](https://img.shields.io/github/stars/zaproxy/zaproxy) | ![](https://img.shields.io/github/languages/top/zaproxy/zaproxy) |
| All | RE | [diff-gui](https://github.com/antojoseph/diff-gui) | GUI for Frida -Scripts | ![](https://img.shields.io/github/stars/antojoseph/diff-gui) | ![](https://img.shields.io/github/languages/top/antojoseph/diff-gui) |
| All | RE | [frida](https://github.com/frida/frida) | Clone this repo to build Frida | ![](https://img.shields.io/github/stars/frida/frida) | ![](https://img.shields.io/github/languages/top/frida/frida) |
| All | RE | [frida-tools](https://github.com/frida/frida-tools) | Frida CLI tools | ![](https://img.shields.io/github/stars/frida/frida-tools) | ![](https://img.shields.io/github/languages/top/frida/frida-tools) |
| All | RE | [fridump](https://github.com/Nightbringer21/fridump) | A universal memory dumper using Frida | ![](https://img.shields.io/github/stars/Nightbringer21/fridump) | ![](https://img.shields.io/github/languages/top/Nightbringer21/fridump) |
| All | RE | [ghidra](https://github.com/NationalSecurityAgency/ghidra) | Ghidra is a software reverse engineering (SRE) framework | ![](https://img.shields.io/github/stars/NationalSecurityAgency/ghidra) | ![](https://img.shields.io/github/languages/top/NationalSecurityAgency/ghidra) |
| All | SCRIPTS | [frida-gadget](https://github.com/ksg97031/frida-gadget) | frida-gadget is a tool that can be used to patch APKs in order to utilize the Frida gadget. | ![](https://img.shields.io/github/stars/ksg97031/frida-gadget) | ![](https://img.shields.io/github/languages/top/ksg97031/frida-gadget) |
| All | SCRIPTS | [frida-scripts](https://github.com/0xdea/frida-scripts) | A collection of my Frida.re instrumentation scripts to facilitate reverse engineering of mobile apps. | ![](https://img.shields.io/github/stars/0xdea/frida-scripts) | ![](https://img.shields.io/github/languages/top/0xdea/frida-scripts) |
| All | Scanner | [Mobile-Security-Framework-MobSF](https://github.com/MobSF/Mobile-Security-Framework-MobSF) | Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis. | ![](https://img.shields.io/github/stars/MobSF/Mobile-Security-Framework-MobSF) | ![](https://img.shields.io/github/languages/top/MobSF/Mobile-Security-Framework-MobSF) |
| All | Scanner | [StaCoAn](https://github.com/vincentcox/StaCoAn) | StaCoAn is a crossplatform tool which aids developers, bugbounty hunters and ethical hackers performing static code analysis on mobile applications. | ![](https://img.shields.io/github/stars/vincentcox/StaCoAn) | ![](https://img.shields.io/github/languages/top/vincentcox/StaCoAn) |
| All | Utils | [watchman](https://github.com/facebook/watchman) | Watches files and records, or triggers actions, when they change. | ![](https://img.shields.io/github/stars/facebook/watchman) | ![](https://img.shields.io/github/languages/top/facebook/watchman) |
| Android | Analysis | [apkleaks](https://github.com/dwisiswant0/apkleaks) | Scanning APK file for URIs, endpoints & secrets. | ![](https://img.shields.io/github/stars/dwisiswant0/apkleaks) | ![](https://img.shields.io/github/languages/top/dwisiswant0/apkleaks) |
| Android | Analysis | [drozer](https://github.com/FSecureLABS/drozer) | The Leading Security Assessment Framework for Android. | ![](https://img.shields.io/github/stars/FSecureLABS/drozer) | ![](https://img.shields.io/github/languages/top/FSecureLABS/drozer) |
| Android | Device | [scrcpy](https://github.com/Genymobile/scrcpy) | Display and control your Android device | ![](https://img.shields.io/github/stars/Genymobile/scrcpy) | ![](https://img.shields.io/github/languages/top/Genymobile/scrcpy) |
| Android | Discovery | [PortAuthority](https://github.com/aaronjwood/PortAuthority) | A handy systems and security-focused tool, Port Authority is a very fast Android port scanner. Port Authority also allows you to quickly discover hosts on your network and will display useful network information about your device and other hosts. | ![](https://img.shields.io/github/stars/aaronjwood/PortAuthority) | ![](https://img.shields.io/github/languages/top/aaronjwood/PortAuthority) |
| Android | Monitor | [Hijacker](https://github.com/chrisk44/Hijacker) | Aircrack, Airodump, Aireplay, MDK3 and Reaver GUI Application for Android | ![](https://img.shields.io/github/stars/chrisk44/Hijacker) | ![](https://img.shields.io/github/languages/top/chrisk44/Hijacker) |
| Android | Monitor | [PCAPdroid](https://github.com/emanuele-f/PCAPdroid) | No-root network monitor, firewall and PCAP dumper for Android | ![](https://img.shields.io/github/stars/emanuele-f/PCAPdroid) | ![](https://img.shields.io/github/languages/top/emanuele-f/PCAPdroid) |
| Android | NFC | [nfcgate](https://github.com/nfcgate/nfcgate) | An NFC research toolkit application for Android | ![](https://img.shields.io/github/stars/nfcgate/nfcgate) | ![](https://img.shields.io/github/languages/top/nfcgate/nfcgate) |
| Android | Pentest | [Kali NetHunter](https://gitlab.com/kalilinux/nethunter/build-scripts/kali-nethunter-project) | Mobile Penetration Testing Platform|![](https://img.shields.io/static/v1?label=&message=it's%20not%20github&color=gray)|![](https://img.shields.io/static/v1?label=&message=it's%20not%20github&color=gray)
| Android | RE | [Apktool](https://github.com/iBotPeaches/Apktool) | A tool for reverse engineering Android apk files | ![](https://img.shields.io/github/stars/iBotPeaches/Apktool) | ![](https://img.shields.io/github/languages/top/iBotPeaches/Apktool) |
| Android | RE | [JEB](https://www.pnfsoftware.com/jeb/) | reverse-engineering platform to perform disassembly, decompilation, debugging, and analysis of code and document files, manually or as part of an analysis pipeline.|![](https://img.shields.io/static/v1?label=&message=it's%20not%20github&color=gray)|![](https://img.shields.io/static/v1?label=&message=it's%20not%20github&color=gray)
| Android | RE | [Smali-CFGs](https://github.com/EugenioDelfa/Smali-CFGs) | Smali Control Flow Graph's | ![](https://img.shields.io/github/stars/EugenioDelfa/Smali-CFGs) | ![](https://img.shields.io/github/languages/top/EugenioDelfa/Smali-CFGs) |
| Android | RE | [androguard](https://github.com/androguard/androguard) | Reverse engineering, Malware and goodware analysis of Android applications ... and more (ninja !) | ![](https://img.shields.io/github/stars/androguard/androguard) | ![](https://img.shields.io/github/languages/top/androguard/androguard) |
| Android | RE | [apkx](https://github.com/b-mueller/apkx) | One-Step APK Decompilation With Multiple Backends | ![](https://img.shields.io/github/stars/b-mueller/apkx) | ![](https://img.shields.io/github/languages/top/b-mueller/apkx) |
| Android | RE | [btrace](https://github.com/bytedance/btrace) | 🔥🔥 btrace(AKA RheaTrace) is a high performance Android trace tool which is based on Systrace, it support to define custom events automatically during building apk and using bhook to provider more native events like IO. | ![](https://img.shields.io/github/stars/bytedance/btrace) | ![](https://img.shields.io/github/languages/top/bytedance/btrace) |
| Android | RE | [bytecode-viewer](https://github.com/Konloch/bytecode-viewer/) | A Java 8+ Jar & Android APK Reverse Engineering Suite (Decompiler, Editor, Debugger & More) | ![](https://img.shields.io/github/stars/Konloch/bytecode-viewer/) | ![](https://img.shields.io/github/languages/top/Konloch/bytecode-viewer/) |
| Android | RE | [dex-oracle](https://github.com/CalebFenton/dex-oracle) | A pattern based Dalvik deobfuscator which uses limited execution to improve semantic analysis | ![](https://img.shields.io/github/stars/CalebFenton/dex-oracle) | ![](https://img.shields.io/github/languages/top/CalebFenton/dex-oracle) |
| Android | RE | [dex2jar](https://github.com/pxb1988/dex2jar) | Tools to work with android .dex and java .class files | ![](https://img.shields.io/github/stars/pxb1988/dex2jar) | ![](https://img.shields.io/github/languages/top/pxb1988/dex2jar) |
| Android | RE | [enjarify](https://github.com/Storyyeller/enjarify) | Enjarify is a tool for translating Dalvik bytecode to equivalent Java bytecode. This allows Java analysis tools to analyze Android applications. | ![](https://img.shields.io/github/stars/Storyyeller/enjarify) | ![](https://img.shields.io/github/languages/top/Storyyeller/enjarify) |
| Android | RE | [jadx](https://github.com/skylot/jadx) | Dex to Java decompiler | ![](https://img.shields.io/github/stars/skylot/jadx) | ![](https://img.shields.io/github/languages/top/skylot/jadx) |
| Android | RE | [jd-gui](https://github.com/java-decompiler/jd-gui) | A standalone Java Decompiler GUI | ![](https://img.shields.io/github/stars/java-decompiler/jd-gui) | ![](https://img.shields.io/github/languages/top/java-decompiler/jd-gui) |
| Android | RE | [procyon](https://github.com/mstrobel/procyon) | Procyon is a suite of Java metaprogramming tools, including a rich reflection API, a LINQ-inspired expression tree API for runtime code generation, and a Java decompiler. | ![](https://img.shields.io/github/stars/mstrobel/procyon) | ![](https://img.shields.io/github/languages/top/mstrobel/procyon) |
| Android | Scanner | [qark](https://github.com/linkedin/qark) | Tool to look for several security related Android application vulnerabilities | ![](https://img.shields.io/github/stars/linkedin/qark) | ![](https://img.shields.io/github/languages/top/linkedin/qark) |
| Android | Target | [PlaystoreDownloader](https://github.com/ClaudiuGeorgiu/PlaystoreDownloader) | A command line tool to download Android applications directly from the Google Play Store by specifying their package name (an initial one-time configuration is required) | ![](https://img.shields.io/github/stars/ClaudiuGeorgiu/PlaystoreDownloader) | ![](https://img.shields.io/github/languages/top/ClaudiuGeorgiu/PlaystoreDownloader) |
| Android | Target | [googleplay](https://github.com/89z/googleplay) | Download APK from Google Play or send API requests | ![](https://img.shields.io/github/stars/89z/googleplay) | ![](https://img.shields.io/github/languages/top/89z/googleplay) |
| Android | Target | [gplaycli](https://github.com/matlink/gplaycli) | Google Play Downloader via Command line | ![](https://img.shields.io/github/stars/matlink/gplaycli) | ![](https://img.shields.io/github/languages/top/matlink/gplaycli) |
| Android | Target | [gplaydl](https://github.com/rehmatworks/gplaydl) | Command Line Google Play APK downloader. Download APK files to your PC directly from Google Play Store. | ![](https://img.shields.io/github/stars/rehmatworks/gplaydl) | ![](https://img.shields.io/github/languages/top/rehmatworks/gplaydl) |
| Android | Utils | [Magisk](https://github.com/topjohnwu/Magisk) | The Magic Mask for Android | ![](https://img.shields.io/github/stars/topjohnwu/Magisk) | ![](https://img.shields.io/github/languages/top/topjohnwu/Magisk) |
| Android | Utils | [behe-keyboard](https://github.com/VladThodo/behe-keyboard) | A lightweight hacking & programming keyboard with material design | ![](https://img.shields.io/github/stars/VladThodo/behe-keyboard) | ![](https://img.shields.io/github/languages/top/VladThodo/behe-keyboard) |
| Android | Utils | [termux-app](https://github.com/termux/termux-app) | Termux - a terminal emulator application for Android OS extendible by variety of packages. | ![](https://img.shields.io/github/stars/termux/termux-app) | ![](https://img.shields.io/github/languages/top/termux/termux-app) |
| iOS | Analysis | [iFunBox](http://www.i-funbox.com/) | General file management software for iPhone and other Apple products|![](https://img.shields.io/static/v1?label=&message=it's%20not%20github&color=gray)|![](https://img.shields.io/static/v1?label=&message=it's%20not%20github&color=gray)
| iOS | Analysis | [iblessing](https://github.com/Soulghost/iblessing) | iblessing is an iOS security exploiting toolkit, it mainly includes application information collection, static analysis and dynamic analysis. It can be used for reverse engineering, binary analysis and vulnerability mining. | ![](https://img.shields.io/github/stars/Soulghost/iblessing) | ![](https://img.shields.io/github/languages/top/Soulghost/iblessing) |
| iOS | Analysis | [needle](https://github.com/FSecureLABS/needle) | The iOS Security Testing Framework | ![](https://img.shields.io/github/stars/FSecureLABS/needle) | ![](https://img.shields.io/github/languages/top/FSecureLABS/needle) |
| iOS | Analysis | [objection](https://github.com/sensepost/objection) | 📱 objection - runtime mobile exploration | ![](https://img.shields.io/github/stars/sensepost/objection) | ![](https://img.shields.io/github/languages/top/sensepost/objection) |
| iOS | Bluetooth | [toothpicker](https://github.com/seemoo-lab/toothpicker) | ToothPicker is an in-process, coverage-guided fuzzer for iOS. for iOS Bluetooth | ![](https://img.shields.io/github/stars/seemoo-lab/toothpicker) | ![](https://img.shields.io/github/languages/top/seemoo-lab/toothpicker) |
| iOS | Bypass Jailbreak | [A-Bypass](https://www.ios-repo-updates.com/repository/baw-repo/package/com.rpgfarm.a-bypass/) | Super Jailbreak detection bypass!|![](https://img.shields.io/static/v1?label=&message=it's%20not%20github&color=gray)|![](https://img.shields.io/static/v1?label=&message=it's%20not%20github&color=gray)
| iOS | Bypass Jailbreak | [FlyJB-X](https://github.com/XsF1re/FlyJB-X) | You can HIDE Doing jailbreak your iDevice. | ![](https://img.shields.io/github/stars/XsF1re/FlyJB-X) | ![](https://img.shields.io/github/languages/top/XsF1re/FlyJB-X) |
| iOS | Bypass Jailbreak | [HideJB](http://cydia.saurik.com/package/com.thuthuatjb.hidejb/) | a tweak has the ability to skip jailbreak detection on iOS apps.|![](https://img.shields.io/static/v1?label=&message=it's%20not%20github&color=gray)|![](https://img.shields.io/static/v1?label=&message=it's%20not%20github&color=gray)
| iOS | Bypass Jailbreak | [Liberty](https://yalujailbreak.net/liberty/) | Bypass Jailbreak and SSL Pinning|![](https://img.shields.io/static/v1?label=&message=it's%20not%20github&color=gray)|![](https://img.shields.io/static/v1?label=&message=it's%20not%20github&color=gray)
| iOS | Inject | [bfinject](https://github.com/BishopFox/bfinject) | Dylib injection for iOS 11.0 - 11.1.2 with LiberiOS and Electra jailbreaks | ![](https://img.shields.io/github/stars/BishopFox/bfinject) | ![](https://img.shields.io/github/languages/top/BishopFox/bfinject) |
| iOS | RE | [Clutch](https://github.com/KJCracks/Clutch) | Fast iOS executable dumper | ![](https://img.shields.io/github/stars/KJCracks/Clutch) | ![](https://img.shields.io/github/languages/top/KJCracks/Clutch) |
| iOS | RE | [class-dump](https://github.com/nygard/class-dump) | Generate Objective-C headers from Mach-O files. | ![](https://img.shields.io/github/stars/nygard/class-dump) | ![](https://img.shields.io/github/languages/top/nygard/class-dump) |
| iOS | RE | [frida-ios-dump](https://github.com/AloneMonkey/frida-ios-dump) | pull decrypted ipa from jailbreak device | ![](https://img.shields.io/github/stars/AloneMonkey/frida-ios-dump) | ![](https://img.shields.io/github/languages/top/AloneMonkey/frida-ios-dump) |
| iOS | RE | [iRET](https://github.com/S3Jensen/iRET) | iOS Reverse Engineering Toolkit. | ![](https://img.shields.io/github/stars/S3Jensen/iRET) | ![](https://img.shields.io/github/languages/top/S3Jensen/iRET) |
| iOS | RE | [iSpy](https://github.com/BishopFox/iSpy) | A reverse engineering framework for iOS | ![](https://img.shields.io/github/stars/BishopFox/iSpy) | ![](https://img.shields.io/github/languages/top/BishopFox/iSpy) |
| iOS | RE | [momdec](https://github.com/atomicbird/momdec) | Core Data Managed Object Model Decompiler | ![](https://img.shields.io/github/stars/atomicbird/momdec) | ![](https://img.shields.io/github/languages/top/atomicbird/momdec) |
| iOS | Target | [ipainstaller](https://github.com/autopear/ipainstaller) | Install IPA from command line | ![](https://img.shields.io/github/stars/autopear/ipainstaller) | ![](https://img.shields.io/github/languages/top/autopear/ipainstaller) |
| iOS | Unpinning | [MEDUZA](https://github.com/kov4l3nko/MEDUZA) | A more or less universal SSL unpinning tool for iOS | ![](https://img.shields.io/github/stars/kov4l3nko/MEDUZA) | ![](https://img.shields.io/github/languages/top/kov4l3nko/MEDUZA) |
| iOS | Unpinning | [ssl-kill-switch2](https://github.com/nabla-c0d3/ssl-kill-switch2) | Blackbox tool to disable SSL certificate validation - including certificate pinning - within iOS and OS X Apps | ![](https://img.shields.io/github/stars/nabla-c0d3/ssl-kill-switch2) | ![](https://img.shields.io/github/languages/top/nabla-c0d3/ssl-kill-switch2) |
| iOS | Utils | [idb](https://github.com/facebook/idb) | idb is a flexible command line interface for automating iOS simulators and devices | ![](https://img.shields.io/github/stars/facebook/idb) | ![](https://img.shields.io/github/languages/top/facebook/idb) |## Thanks to (Contributor)
I would like to thank everyone who helped with this project 👍😎
![](/CONTRIBUTORS.svg)