LibAFL – Advanced Fuzzing Library – Slot Your Fuzzer Together In Rust! Scales Across Cores And Machines. For Windows, Android, MacOS, Linux, No_Std, …

Advanced Fuzzing Library – Slot your own fuzzers together and extend their features using Rust. LibAFL is written and maintained by Andrea Fioraldi [email protected] and Dominik Maier [email protected] Why LibAFL? LibAFL gives you many of the benefits of an off-the-shelf fuzzer, while being completely customizable. Some highlight features currently include: fast: We do everything weRead More

Android-PIN-Bruteforce – Unlock An Android Phone (Or Device) By Bruteforcing The Lockscreen PIN

Unlock an Android phone (or device) by bruteforcing the lockscreen PIN. Turn your Kali Nethunter phone into a bruteforce PIN cracker for Android devices! How it works It uses a USB OTG cable to connect the locked phone to the Nethunter device. It emulates a keyboard, automatically tries PINs, and waits after trying too manyRead More

Android_Hid – Use Android As Rubber Ducky Against Another Android Device

Use Android as Rubber Ducky against another Android device HID attack using Android Using Android as Rubber Ducky against Android. This is not a new technique, just a demo how to perform HID attack using Android instead of rubber ducky. For targeted Android device it is not necessary to be rooted, have ADB/USB debugging enabledRead More

Rafel-Rat – Android Rat Written In Java With WebPanel For Controlling Victims

Rafel is Remote Access Tool Used to Control Victims Using WebPanel With More Advance Features. Main Features Admin Permission Add App To White List Looks Like Browser Runs In Background Even App is Closed(May not work on some Devices) Accessibility Feature Support Android v5 – v10 No Port Forwarding Needed Acquire Wakelock Fully Undetectable PrerequisitesRead More

Arbitrium-RAT – A Cross-Platform, Fully Undetectable Remote Access Trojan, To Control Android, Windows And Linux

Arbitrium is a cross-platform is a remote access trojan (RAT), Fully UnDetectable (FUD), It allows you to control Android, Windows and Linux and doesn’t require any firewall exceptions or port forwarding. It gives access to the local networks, you can use the targets as a HTTP proxy and access Router, discover local IPs and scanRead More

Ghost Framework – An Android Post-Exploitation Framework That Exploits The Android Debug Bridge To R emotely Access An Android Device

About Ghost Framework Ghost Framework is an Android post-exploitation framework that exploits theAndroid Debug Bridge to remotely access an Android device. Ghost Frameworkgives you the power and convenience of remote Android device administration. Getting started Ghost installation To install Ghost Framework you shouldexecute the following commands. cd ghost chmod +x install.sh ./install.sh Ghost uninstallation ToRead More

APKLab – Android Reverse Engineering WorkBench For VS Code

APKLab seamlessly integrates the best open-source tools: Apktool, Jadx, uber-apk-signer and more to the excellent VS Code so you can focus on app analysis and get it done without leaving the IDE. Features Decode all the resources from an APK Disassemble the APK to Dalvik bytecode aka Smali Decompile the APK to Java source AnalyzeRead More

Damn-Vulnerable-Bank – Vulnerable Banking Application For Android

Damn Vulnerable Bank Android Application aims to provide an interface for everyone to get a detailed understanding with internals and security aspects of android application. How to Use Application Clone the repository and run the Backend Server as per instructions in the link. We have released the Apk so after downloading install it via adbRead More

NFCGate – An NFC Research Toolkit Application For Android

NFCGate is an Android application meant to capture, analyze, or modify NFC traffic. It can be used as a researching tool to reverse engineer protocols or assess the security of protocols against traffic modifications. Notice This application was developed for security research purposes by students of the Secure Mobile Networking Lab at TU Darmstadt. PleaseRead More

Awesome Android Security – A Curated List Of Android Security Materials And Resources For Pentesters And Bug Hunters

A curated list of Android Security materials and resources For Pentesters and Bug Hunters. Blog AAPG – Android application penetration testing guide TikTok: three persistent arbitrary code executions and one theft of arbitrary files Persistent arbitrary code execution in Android’s Google Play Core Library: details, explanation and the PoC – CVE-2020-8913 Android: Access to appRead More

X