Pinned Repositories
IntentFuzzer
A Tool to fuzz Intent on Android
Introspy-Android
Security profiling for blackbox Android
JustTrustMe
An xposed module that disables SSL certificate checking for the purposes of auditing and app with cert pinning
lobotomy
Android Security Toolkit
manifest-explorer
A tool for viewing Android application Manifests.
ManifestAnalyzer
Android app to analyze manifests of other apps.
Metaphor
Metaphor - Stagefright with ASLR bypass
MFFA
Media Fuzzing Framework for Android
Mobile-Security-Framework-MobSF
Mobile Security Framework is an intelligent, all-in-one open source mobile application (Android/iOS) automated pen-testing framework capable of performing static and dynamic analysis.
process-explorer-app
The Android app containing the Process Explorer
droid-sec's Repositories
droid-sec/JustTrustMe
An xposed module that disables SSL certificate checking for the purposes of auditing and app with cert pinning
droid-sec/lobotomy
Android Security Toolkit
droid-sec/Metaphor
Metaphor - Stagefright with ASLR bypass
droid-sec/MFFA
Media Fuzzing Framework for Android
droid-sec/Mobile-Security-Framework-MobSF
Mobile Security Framework is an intelligent, all-in-one open source mobile application (Android/iOS) automated pen-testing framework capable of performing static and dynamic analysis.
droid-sec/process-explorer-app
The Android app containing the Process Explorer
droid-sec/ADB-Backup-APK-Injection
Android ADB backup APK Injection POC
droid-sec/android
cSploit - The most complete and advanced IT security professional toolkit on Android.
droid-sec/Android-Inline-Hook
thumb16 thumb32 arm32 inlineHook in Android
droid-sec/android-vts
Android Vulnerability Test Suite - In the spirit of open data collection, and with the help of the community, let's take a pulse on the state of Android security. NowSecure presents an on-device app to test for recent device vulnerabilities.
droid-sec/AndroidAPIHooker
使用cydia substrate框架hook android的关键api,实时记录观察app后台运行时所调用的所有敏感函数,并生成json日志输出
droid-sec/AndroidEagleEye
An Xposed based module which is capable of hooking both Android system APIs and applications' methods.
droid-sec/Androl4b
A Virtual Machine For Assessing Android applications, Reverse Engineering and Malware Analysis
droid-sec/arminject
An application to dynamically inject a shared object into a running process on ARM architectures.
droid-sec/bifuz
Broadcast Intent FUZzing Framework for Android
droid-sec/Catlog
Logcat-reading app for Android
droid-sec/ContentProviderHelper
A nice little Android app that helps developers to discover and query content providers.
droid-sec/core-android
RCS Agent for Android
droid-sec/CVE-2014-7911_poc
Local root exploit for Nexus5 Android 4.4.4(KTU84P)
droid-sec/fuzzer-android
Unnamed repository; edit this file 'description' to name the repository.
droid-sec/hooker
Hooker is an opensource project for dynamic analyses of Android applications. This project provides various tools and applications that can be use to automaticaly intercept and modify any API calls made by a targeted application.
droid-sec/Inspeckage
Android Package Inspector - dynamic analysis with api hooks, start unexported activities and more. (Xposed Module)
droid-sec/intent-intercept
Intent Intercept Android app
droid-sec/qark
droid-sec/rcs-common
Common components for RCS backend
droid-sec/scaredycat
Python script to generate a malicious MP4 file and start a CherryPy web server hosting a simple HTML page with the embedded file. Exploits another Stagefright vulnerability, the integer overflow (CVE-2015-3864).
droid-sec/stagefright
Python script to generate a malicious MP4 file exploiting the 'stsc' vulnerability (CVE-2015-1538-1 - Google Stagefright ‘stsc’ MP4 Atom Integer Overflow Remote Code Execution), and start reverse TCP listener on attacker machine.
droid-sec/stagefright-plugins
Stagefright Plugins for Android
droid-sec/UltimateLogcat
Contains the source code of UltimateLogcat (https://play.google.com/store/apps/details?id=com.anrapps.ultimatelogcat)
droid-sec/vector-exploit
Exploit repository