Data

Tools

Indexes

Applications

Experiments

Awesome

An open API service indexing awesome lists of open source software.

https://github.com/hahwul/MobileHackersWeapons

Mobile Hacker's Weapons / A collection of cool tools used by Mobile hackers. Happy hacking , Happy bug-hunting
https://github.com/hahwul/MobileHackersWeapons

List: MobileHackersWeapons

android awesome-list bugbounty bugbountytips hacking ios mobilehacks scanner security tools

Last synced: 3 months ago
JSON representation

Mobile Hacker's Weapons / A collection of cool tools used by Mobile hackers. Happy hacking , Happy bug-hunting

Awesome Lists containing this project

README 

        


  


  

  


   

   

  

  

  

  



A collection of cool tools used by Mobile hackers. Happy hacking , Happy bug-hunting



## Family project

[![WebHackersWeapons](https://img.shields.io/github/stars/hahwul/WebHackersWeapons?label=WebHackersWeapons)](https://github.com/hahwul/WebHackersWeapons)

[![MobileHackersWeapons](https://img.shields.io/github/stars/hahwul/MobileHackersWeapons?label=MobileHackersWeapons)](https://github.com/hahwul/MobileHackersWeapons)



## Table of Contents

- [Weapons](#weapons)

- [Contribute](/CONTRIBUTING.md) 

- [Thanks to contributor](#thanks-to-contributor)



## Weapons

| OS | Type | Name | Description | Popularity | Language |

| ---------- | :---------- | :---------- | :----------: | :----------: | :----------: | 

| All | Analysis | [RMS-Runtime-Mobile-Security](https://github.com/m0bilesecurity/RMS-Runtime-Mobile-Security) | Runtime Mobile Security (RMS) 📱🔥  - is a powerful web interface that helps you to manipulate Android and iOS Apps at Runtime | ![](https://img.shields.io/github/stars/m0bilesecurity/RMS-Runtime-Mobile-Security) | ![](https://img.shields.io/github/languages/top/m0bilesecurity/RMS-Runtime-Mobile-Security) |

| All | Analysis | [flipper](https://github.com/facebook/flipper) | A desktop debugging platform for mobile developers. | ![](https://img.shields.io/github/stars/facebook/flipper) | ![](https://img.shields.io/github/languages/top/facebook/flipper) |

| All | Analysis | [scrounger](https://github.com/nettitude/scrounger) | Mobile application testing toolkit | ![](https://img.shields.io/github/stars/nettitude/scrounger) | ![](https://img.shields.io/github/languages/top/nettitude/scrounger) |

| All | Pentest | [metasploit-framework](https://github.com/rapid7/metasploit-framework) | Metasploit Framework | ![](https://img.shields.io/github/stars/rapid7/metasploit-framework) | ![](https://img.shields.io/github/languages/top/rapid7/metasploit-framework) |

| All | Proxy  | [BurpSuite](https://portswigger.net/burp) |  The BurpSuite|![](https://img.shields.io/static/v1?label=&message=it's%20not%20github&color=gray)|![](https://img.shields.io/static/v1?label=&message=it's%20not%20github&color=gray)

| All | Proxy | [hetty](https://github.com/dstotijn/hetty) | Hetty is an HTTP toolkit for security research. | ![](https://img.shields.io/github/stars/dstotijn/hetty) | ![](https://img.shields.io/github/languages/top/dstotijn/hetty) |

| All | Proxy | [httptoolkit](https://github.com/httptoolkit/httptoolkit) | HTTP Toolkit is a beautiful & open-source tool for debugging, testing and building with HTTP(S) on Windows, Linux & Mac | ![](https://img.shields.io/github/stars/httptoolkit/httptoolkit) | ![](https://img.shields.io/github/languages/top/httptoolkit/httptoolkit) |

| All | Proxy | [proxify](https://github.com/projectdiscovery/proxify) | Swiss Army knife Proxy tool for HTTP/HTTPS traffic capture, manipulation, and replay on the go. | ![](https://img.shields.io/github/stars/projectdiscovery/proxify) | ![](https://img.shields.io/github/languages/top/projectdiscovery/proxify) |

| All | Proxy | [zaproxy](https://github.com/zaproxy/zaproxy) | The OWASP ZAP core project | ![](https://img.shields.io/github/stars/zaproxy/zaproxy) | ![](https://img.shields.io/github/languages/top/zaproxy/zaproxy) |

| All | RE | [diff-gui](https://github.com/antojoseph/diff-gui) | GUI for Frida -Scripts | ![](https://img.shields.io/github/stars/antojoseph/diff-gui) | ![](https://img.shields.io/github/languages/top/antojoseph/diff-gui) |

| All | RE | [frida](https://github.com/frida/frida) | Clone this repo to build Frida | ![](https://img.shields.io/github/stars/frida/frida) | ![](https://img.shields.io/github/languages/top/frida/frida) |

| All | RE | [frida-tools](https://github.com/frida/frida-tools) | Frida CLI tools | ![](https://img.shields.io/github/stars/frida/frida-tools) | ![](https://img.shields.io/github/languages/top/frida/frida-tools) |

| All | RE | [fridump](https://github.com/Nightbringer21/fridump) | A universal memory dumper using Frida | ![](https://img.shields.io/github/stars/Nightbringer21/fridump) | ![](https://img.shields.io/github/languages/top/Nightbringer21/fridump) |

| All | RE | [ghidra](https://github.com/NationalSecurityAgency/ghidra) | Ghidra is a software reverse engineering (SRE) framework | ![](https://img.shields.io/github/stars/NationalSecurityAgency/ghidra) | ![](https://img.shields.io/github/languages/top/NationalSecurityAgency/ghidra) |

| All | SCRIPTS | [frida-gadget](https://github.com/ksg97031/frida-gadget) | frida-gadget is a tool that can be used to patch APKs in order to utilize the Frida gadget. | ![](https://img.shields.io/github/stars/ksg97031/frida-gadget) | ![](https://img.shields.io/github/languages/top/ksg97031/frida-gadget) |

| All | SCRIPTS | [frida-scripts](https://github.com/0xdea/frida-scripts) | A collection of my Frida.re instrumentation scripts to facilitate reverse engineering of mobile apps. | ![](https://img.shields.io/github/stars/0xdea/frida-scripts) | ![](https://img.shields.io/github/languages/top/0xdea/frida-scripts) |

| All | Scanner | [Mobile-Security-Framework-MobSF](https://github.com/MobSF/Mobile-Security-Framework-MobSF) | Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis. | ![](https://img.shields.io/github/stars/MobSF/Mobile-Security-Framework-MobSF) | ![](https://img.shields.io/github/languages/top/MobSF/Mobile-Security-Framework-MobSF) |

| All | Scanner | [StaCoAn](https://github.com/vincentcox/StaCoAn) | StaCoAn is a crossplatform tool which aids developers, bugbounty hunters and ethical hackers performing static code analysis on mobile applications. | ![](https://img.shields.io/github/stars/vincentcox/StaCoAn) | ![](https://img.shields.io/github/languages/top/vincentcox/StaCoAn) |

| All | Utils | [watchman](https://github.com/facebook/watchman) | Watches files and records, or triggers actions, when they change. | ![](https://img.shields.io/github/stars/facebook/watchman) | ![](https://img.shields.io/github/languages/top/facebook/watchman) |

| Android | Analysis | [apkleaks](https://github.com/dwisiswant0/apkleaks) | Scanning APK file for URIs, endpoints & secrets. | ![](https://img.shields.io/github/stars/dwisiswant0/apkleaks) | ![](https://img.shields.io/github/languages/top/dwisiswant0/apkleaks) |

| Android | Analysis | [drozer](https://github.com/FSecureLABS/drozer) | The Leading Security Assessment Framework for Android. | ![](https://img.shields.io/github/stars/FSecureLABS/drozer) | ![](https://img.shields.io/github/languages/top/FSecureLABS/drozer) |

| Android | Device | [scrcpy](https://github.com/Genymobile/scrcpy) | Display and control your Android device | ![](https://img.shields.io/github/stars/Genymobile/scrcpy) | ![](https://img.shields.io/github/languages/top/Genymobile/scrcpy) |

| Android | Discovery | [PortAuthority](https://github.com/aaronjwood/PortAuthority) | A handy systems and security-focused tool, Port Authority is a very fast Android port scanner. Port Authority also allows you to quickly discover hosts on your network and will display useful network information about your device and other hosts. | ![](https://img.shields.io/github/stars/aaronjwood/PortAuthority) | ![](https://img.shields.io/github/languages/top/aaronjwood/PortAuthority) |

| Android | Monitor | [Hijacker](https://github.com/chrisk44/Hijacker) | Aircrack, Airodump, Aireplay, MDK3 and Reaver GUI Application for Android | ![](https://img.shields.io/github/stars/chrisk44/Hijacker) | ![](https://img.shields.io/github/languages/top/chrisk44/Hijacker) |

| Android | Monitor | [PCAPdroid](https://github.com/emanuele-f/PCAPdroid) | No-root network monitor, firewall and PCAP dumper for Android | ![](https://img.shields.io/github/stars/emanuele-f/PCAPdroid) | ![](https://img.shields.io/github/languages/top/emanuele-f/PCAPdroid) |

| Android | NFC | [nfcgate](https://github.com/nfcgate/nfcgate) | An NFC research toolkit application for Android | ![](https://img.shields.io/github/stars/nfcgate/nfcgate) | ![](https://img.shields.io/github/languages/top/nfcgate/nfcgate) |

| Android | Pentest  | [Kali NetHunter](https://gitlab.com/kalilinux/nethunter/build-scripts/kali-nethunter-project) |  Mobile Penetration Testing Platform|![](https://img.shields.io/static/v1?label=&message=it's%20not%20github&color=gray)|![](https://img.shields.io/static/v1?label=&message=it's%20not%20github&color=gray)

| Android | RE | [Apktool](https://github.com/iBotPeaches/Apktool) | A tool for reverse engineering Android apk files | ![](https://img.shields.io/github/stars/iBotPeaches/Apktool) | ![](https://img.shields.io/github/languages/top/iBotPeaches/Apktool) |

| Android | RE  | [JEB](https://www.pnfsoftware.com/jeb/) |  reverse-engineering platform to perform disassembly, decompilation, debugging, and analysis of code and document files, manually or as part of an analysis pipeline.|![](https://img.shields.io/static/v1?label=&message=it's%20not%20github&color=gray)|![](https://img.shields.io/static/v1?label=&message=it's%20not%20github&color=gray)

| Android | RE | [Smali-CFGs](https://github.com/EugenioDelfa/Smali-CFGs) | Smali Control Flow Graph's | ![](https://img.shields.io/github/stars/EugenioDelfa/Smali-CFGs) | ![](https://img.shields.io/github/languages/top/EugenioDelfa/Smali-CFGs) |

| Android | RE | [androguard](https://github.com/androguard/androguard) | Reverse engineering, Malware and goodware analysis of Android applications ... and more (ninja !) | ![](https://img.shields.io/github/stars/androguard/androguard) | ![](https://img.shields.io/github/languages/top/androguard/androguard) |

| Android | RE | [apkx](https://github.com/b-mueller/apkx) | One-Step APK Decompilation With Multiple Backends | ![](https://img.shields.io/github/stars/b-mueller/apkx) | ![](https://img.shields.io/github/languages/top/b-mueller/apkx) |

| Android | RE | [btrace](https://github.com/bytedance/btrace) | 🔥🔥 btrace(AKA RheaTrace) is a high performance Android trace tool which is based on Systrace, it support to define custom events automatically during building apk and using bhook to provider more native events like IO. | ![](https://img.shields.io/github/stars/bytedance/btrace) | ![](https://img.shields.io/github/languages/top/bytedance/btrace) |

| Android | RE | [bytecode-viewer](https://github.com/Konloch/bytecode-viewer/) | A Java 8+ Jar & Android APK Reverse Engineering Suite (Decompiler, Editor, Debugger & More) | ![](https://img.shields.io/github/stars/Konloch/bytecode-viewer/) | ![](https://img.shields.io/github/languages/top/Konloch/bytecode-viewer/) |

| Android | RE | [dex-oracle](https://github.com/CalebFenton/dex-oracle) | A pattern based Dalvik deobfuscator which uses limited execution to improve semantic analysis | ![](https://img.shields.io/github/stars/CalebFenton/dex-oracle) | ![](https://img.shields.io/github/languages/top/CalebFenton/dex-oracle) |

| Android | RE | [dex2jar](https://github.com/pxb1988/dex2jar) | Tools to work with android .dex and java .class files | ![](https://img.shields.io/github/stars/pxb1988/dex2jar) | ![](https://img.shields.io/github/languages/top/pxb1988/dex2jar) |

| Android | RE | [enjarify](https://github.com/Storyyeller/enjarify) | Enjarify is a tool for translating Dalvik bytecode to equivalent Java bytecode. This allows Java analysis tools to analyze Android applications. | ![](https://img.shields.io/github/stars/Storyyeller/enjarify) | ![](https://img.shields.io/github/languages/top/Storyyeller/enjarify) |

| Android | RE | [jadx](https://github.com/skylot/jadx) | Dex to Java decompiler | ![](https://img.shields.io/github/stars/skylot/jadx) | ![](https://img.shields.io/github/languages/top/skylot/jadx) |

| Android | RE | [jd-gui](https://github.com/java-decompiler/jd-gui) | A standalone Java Decompiler GUI | ![](https://img.shields.io/github/stars/java-decompiler/jd-gui) | ![](https://img.shields.io/github/languages/top/java-decompiler/jd-gui) |

| Android | RE | [procyon](https://github.com/mstrobel/procyon) | Procyon is a suite of Java metaprogramming tools, including a rich reflection API, a LINQ-inspired expression tree API for runtime code generation, and a Java decompiler. | ![](https://img.shields.io/github/stars/mstrobel/procyon) | ![](https://img.shields.io/github/languages/top/mstrobel/procyon) |

| Android | Scanner | [qark](https://github.com/linkedin/qark) | Tool to look for several security related Android application vulnerabilities | ![](https://img.shields.io/github/stars/linkedin/qark) | ![](https://img.shields.io/github/languages/top/linkedin/qark) |

| Android | Target | [PlaystoreDownloader](https://github.com/ClaudiuGeorgiu/PlaystoreDownloader) | A command line tool to download Android applications directly from the Google Play Store by specifying their package name (an initial one-time configuration is required) | ![](https://img.shields.io/github/stars/ClaudiuGeorgiu/PlaystoreDownloader) | ![](https://img.shields.io/github/languages/top/ClaudiuGeorgiu/PlaystoreDownloader) |

| Android | Target | [googleplay](https://github.com/89z/googleplay) | Download APK from Google Play or send API requests | ![](https://img.shields.io/github/stars/89z/googleplay) | ![](https://img.shields.io/github/languages/top/89z/googleplay) |

| Android | Target | [gplaycli](https://github.com/matlink/gplaycli) | Google Play Downloader via Command line | ![](https://img.shields.io/github/stars/matlink/gplaycli) | ![](https://img.shields.io/github/languages/top/matlink/gplaycli) |

| Android | Target | [gplaydl](https://github.com/rehmatworks/gplaydl) | Command Line Google Play APK downloader. Download APK files to your PC directly from Google Play Store. | ![](https://img.shields.io/github/stars/rehmatworks/gplaydl) | ![](https://img.shields.io/github/languages/top/rehmatworks/gplaydl) |

| Android | Utils | [Magisk](https://github.com/topjohnwu/Magisk) | The Magic Mask for Android | ![](https://img.shields.io/github/stars/topjohnwu/Magisk) | ![](https://img.shields.io/github/languages/top/topjohnwu/Magisk) |

| Android | Utils | [behe-keyboard](https://github.com/VladThodo/behe-keyboard) | A lightweight hacking & programming keyboard with material design | ![](https://img.shields.io/github/stars/VladThodo/behe-keyboard) | ![](https://img.shields.io/github/languages/top/VladThodo/behe-keyboard) |

| Android | Utils | [termux-app](https://github.com/termux/termux-app) | Termux - a terminal emulator application for Android OS extendible by variety of packages. | ![](https://img.shields.io/github/stars/termux/termux-app) | ![](https://img.shields.io/github/languages/top/termux/termux-app) |

| iOS | Analysis  | [iFunBox](http://www.i-funbox.com/) |  General file management software for iPhone and other Apple products|![](https://img.shields.io/static/v1?label=&message=it's%20not%20github&color=gray)|![](https://img.shields.io/static/v1?label=&message=it's%20not%20github&color=gray)

| iOS | Analysis | [iblessing](https://github.com/Soulghost/iblessing) | iblessing is an iOS security exploiting toolkit, it mainly includes application information collection, static analysis and dynamic analysis. It can be used for reverse engineering, binary analysis and vulnerability mining. | ![](https://img.shields.io/github/stars/Soulghost/iblessing) | ![](https://img.shields.io/github/languages/top/Soulghost/iblessing) |

| iOS | Analysis | [needle](https://github.com/FSecureLABS/needle) | The iOS Security Testing Framework | ![](https://img.shields.io/github/stars/FSecureLABS/needle) | ![](https://img.shields.io/github/languages/top/FSecureLABS/needle) |

| iOS | Analysis | [objection](https://github.com/sensepost/objection) | 📱 objection - runtime mobile exploration | ![](https://img.shields.io/github/stars/sensepost/objection) | ![](https://img.shields.io/github/languages/top/sensepost/objection) |

| iOS | Bluetooth | [toothpicker](https://github.com/seemoo-lab/toothpicker) | ToothPicker is an in-process, coverage-guided fuzzer for iOS. for iOS Bluetooth | ![](https://img.shields.io/github/stars/seemoo-lab/toothpicker) | ![](https://img.shields.io/github/languages/top/seemoo-lab/toothpicker) |

| iOS | Bypass Jailbreak  | [A-Bypass](https://www.ios-repo-updates.com/repository/baw-repo/package/com.rpgfarm.a-bypass/) |  Super Jailbreak detection bypass!|![](https://img.shields.io/static/v1?label=&message=it's%20not%20github&color=gray)|![](https://img.shields.io/static/v1?label=&message=it's%20not%20github&color=gray)

| iOS | Bypass Jailbreak | [FlyJB-X](https://github.com/XsF1re/FlyJB-X) | You can HIDE Doing jailbreak your iDevice. | ![](https://img.shields.io/github/stars/XsF1re/FlyJB-X) | ![](https://img.shields.io/github/languages/top/XsF1re/FlyJB-X) |

| iOS | Bypass Jailbreak  | [HideJB](http://cydia.saurik.com/package/com.thuthuatjb.hidejb/) |  a tweak has the ability to skip jailbreak detection on iOS apps.|![](https://img.shields.io/static/v1?label=&message=it's%20not%20github&color=gray)|![](https://img.shields.io/static/v1?label=&message=it's%20not%20github&color=gray)

| iOS | Bypass Jailbreak  | [Liberty](https://yalujailbreak.net/liberty/) |  Bypass Jailbreak and SSL Pinning|![](https://img.shields.io/static/v1?label=&message=it's%20not%20github&color=gray)|![](https://img.shields.io/static/v1?label=&message=it's%20not%20github&color=gray)

| iOS | Inject | [bfinject](https://github.com/BishopFox/bfinject) | Dylib injection for iOS 11.0 - 11.1.2 with LiberiOS and Electra jailbreaks | ![](https://img.shields.io/github/stars/BishopFox/bfinject) | ![](https://img.shields.io/github/languages/top/BishopFox/bfinject) |

| iOS | RE | [Clutch](https://github.com/KJCracks/Clutch) | Fast iOS executable dumper | ![](https://img.shields.io/github/stars/KJCracks/Clutch) | ![](https://img.shields.io/github/languages/top/KJCracks/Clutch) |

| iOS | RE | [class-dump](https://github.com/nygard/class-dump) | Generate Objective-C headers from Mach-O files. | ![](https://img.shields.io/github/stars/nygard/class-dump) | ![](https://img.shields.io/github/languages/top/nygard/class-dump) |

| iOS | RE | [frida-ios-dump](https://github.com/AloneMonkey/frida-ios-dump) | pull decrypted ipa from jailbreak device | ![](https://img.shields.io/github/stars/AloneMonkey/frida-ios-dump) | ![](https://img.shields.io/github/languages/top/AloneMonkey/frida-ios-dump) |

| iOS | RE | [iRET](https://github.com/S3Jensen/iRET) | iOS Reverse Engineering Toolkit. | ![](https://img.shields.io/github/stars/S3Jensen/iRET) | ![](https://img.shields.io/github/languages/top/S3Jensen/iRET) |

| iOS | RE | [iSpy](https://github.com/BishopFox/iSpy) | A reverse engineering framework for iOS | ![](https://img.shields.io/github/stars/BishopFox/iSpy) | ![](https://img.shields.io/github/languages/top/BishopFox/iSpy) |

| iOS | RE | [ipsw](https://github.com/blacktop/ipsw) | iOS/macOS Research Swiss Army Knife | ![](https://img.shields.io/github/stars/blacktop/ipsw) | ![](https://img.shields.io/github/languages/top/blacktop/ipsw) |

| iOS | RE | [momdec](https://github.com/atomicbird/momdec) | Core Data Managed Object Model Decompiler | ![](https://img.shields.io/github/stars/atomicbird/momdec) | ![](https://img.shields.io/github/languages/top/atomicbird/momdec) |

| iOS | Target | [ipainstaller](https://github.com/autopear/ipainstaller) | Install IPA from command line | ![](https://img.shields.io/github/stars/autopear/ipainstaller) | ![](https://img.shields.io/github/languages/top/autopear/ipainstaller) |

| iOS | Unpinning | [MEDUZA](https://github.com/kov4l3nko/MEDUZA) | A more or less universal SSL unpinning tool for iOS | ![](https://img.shields.io/github/stars/kov4l3nko/MEDUZA) | ![](https://img.shields.io/github/languages/top/kov4l3nko/MEDUZA) |

| iOS | Unpinning | [ssl-kill-switch2](https://github.com/nabla-c0d3/ssl-kill-switch2) | Blackbox tool to disable SSL certificate validation - including certificate pinning - within iOS and OS X Apps | ![](https://img.shields.io/github/stars/nabla-c0d3/ssl-kill-switch2) | ![](https://img.shields.io/github/languages/top/nabla-c0d3/ssl-kill-switch2) |

| iOS | Utils | [idb](https://github.com/facebook/idb) | idb is a flexible command line interface for automating iOS simulators and devices | ![](https://img.shields.io/github/stars/facebook/idb) | ![](https://img.shields.io/github/languages/top/facebook/idb) |



## Thanks to (Contributor)

I would like to thank everyone who helped with this project 👍😎 

![](/CONTRIBUTORS.svg)