SSLUnpinning : Android app to bypass SSL certificate validation (Certificate...
SSLUnpinning is a Android app to bypass SSL certificate validation (Certificate Pinning). In high security enviroments SSL pinning is important as an additional security measure. Description: If you...
View ArticleClik here to view.
Androtools is a Android malware static & dynamic analysis and automated action.
androtools is Android malware static & dynamic analysis tool optimized for automated analysis. This work was motivated observing real-world needs for Police Officer and Malware Analysts who want to...
View ArticleMaldrolyzer – Simple framework to extract “actionable” data from Android...
Maldrolyzer is a Simple framework to extract “actionable” data from Android malware (C&Cs, phone numbers etc.) Changelog 30.03.2015 : + Templates.py ; Modules + maldrolyzer.py ; Reorganization +...
View ArticleClik here to view.
Patrol – A platform for testing an Android device’s applications for...
Patrol is A platform for testing an Android device’s applications for IPC-related vulnerabilities. Network Protocol notes: +in this scenario, a report is associated with login that is verified on the...
View ArticleClik here to view.
Updates Android Network Spoofer v-2.3.0
Changelog v-2.3.0: + Experimental Lollipop 5.1 support + Fixed the blue ball machine + Added “Generate device report” – allows device info to be emailed to developers for easier support. Network...
View ArticleAndroid-MAC-Spoofer – Spoof the MAC address of your rooted Android device...
Android-MAC-Spoofer is a Spoof the MAC address of your rooted Android device from Windows. Changes are persistent accross reboots. Tool allows backup of the original MAC. Requirements: 1. (Required)...
View ArticleClik here to view.
VectorAttackScanner – a tool to search vulnerable points to attack.
This is a tool to analyze android, linux and windows, to detect points to attack, as intents, receivers, services, processes and libraries. This tool uses a static analysis methods to do this, the...
View ArticleClik here to view.
Updates VectorAttackScanner – a tool to search vulnerable points to attack.
Chagelog 04/06/2015: – Initial Crash Report about com.whatsapp – New UI – Features list This is a tool to analyze android, linux and windows, to detect points to attack, as intents, receivers,...
View ArticleClik here to view.
Smalisca v-0.2 released – Static Code Analysis for Smali files.
If you ever have looked at Android applications you know to appreciate the ability of analyzing your target at the most advanced level. Dynamic program analysis will give you a pretty good overview of...
View ArticleClik here to view.
Android-vts ~ Android Vulnerability Test Suite.
This tool was meant to show the end user the attack surface that a given device is susceptible to. In implementing these checks we attempt to minimize or eliminate both false positives/false negatives...
View ArticleClik here to view.
qark ~ Tool to look for several security related Android application...
Quick Android Review Kit – This tool is designed to look for several security related Android application vulnerabilities, either in source code or packaged APKs. The tool is also capable of creating...
View ArticleAndroid-SMS-Interceptor ~ A hidden android SMS interceptor that forwards...
Android-SMS-Interceptor is a A hidden android SMS interceptor that forwards every message. This is just a proof of concept and i’m not responsible for any damage caused by its usage. EDIT: After the...
View ArticleClik here to view.
Android Network Spoofer v-2.4.0 released.
Changelog v-2.4.0 10/16/2015: + Added better root checks. Many users complained that Network Spoofer didn’t work on Android 5.1. Most had root disabled. This adds extra checks. Network Spoofer lets you...
View ArticleClik here to view.
trojandroid – an android simple trojan app.
Notice : This post just For Education Purpose Only! the purpose: How to Infect and Inject trojan into APK File, and re-upload on your server or google play store using MiTM. This project was to make a...
View ArticleClik here to view.
AndroidPINCrack – Bruteforce the Android Passcode given the hash and salt.
AndroidPINCrack is a Python script that bruteforce the Android Passcode given the hash and salt. Of course there are some other faster ways to crack than a python script, but it can be useful for...
View ArticleClik here to view.
Android-exploit – Stagefright v2 Android exploit.
DISCLAIMER: This exploit is for testing and educational purposes only. Any other usage for this code is not allowed. Use at your own risk. Exploit for RCE Vulnerability CVE-2015-1538. Integer Overflow...
View ArticleClik here to view.
AndroBugs Framework – Android App Security Vulnerability Scanner.
AndroBugs Framework is an Android vulnerability analysis system that helps developers or hackers find potential security vulnerabilities in Android applications. No splendid GUI interface, but the most...
View ArticleClik here to view.
Android-VTS v11 released ~ Android Vulnerability Test Suite
Changelog v-11: + Sort vulnerabilities by date of CVE descending + Enable WeakSauce check + Fix crashes with x509 serialization check on devices < Kitkat + Add check for CVE-2015-1528 + Fix some UI...
View ArticleClik here to view.
SSLKiller is a used for killing SSL verification functions on Android client...
SSLKiller is used for killing SSL verification functions on Android client side. With SSLKiller, You can intercept app’s HTTPS communication packages between the client and server. This project is very...
View ArticleClik here to view.
Horus is a security framework for pentesting android Apps.
Horus is a security framework for pentesting android Apps. A mobile pentesting framework written in Python. Latest Change 9/1/2016: + Updated requirements + Integrated and using androwarn + Fixed all...
View Article