Skip to content

Latest commit

 

History

History
2321 lines (1907 loc) · 279 KB

Readme_en.md

File metadata and controls

2321 lines (1907 loc) · 279 KB
Raw

All Resource Collection Projects

Android

  • Android Security Resources Collection. 600+Tools, 1500+ Post
  • Currently Draft Version.

Directory

Resources Collection Repos

Collection

Famous Tools

ClassyShark

Tools

Post

jeb

Tools

Post

enjarfy

Tools

  • [2467Star][3y] [Py] google/enjarify a tool for translating Dalvik bytecode to equivalent Java bytecode.
  • [516Star][5m] [Py] storyyeller/enjarify 将Dalvik字节码转为对应的Java字节码(google Fork版)

Post

androguard

Tools

Post

jadx

Tools

  • [21172Star][1m] [Java] skylot/jadx Dex to Java decompiler
  • [89Star][2m] [C++] romainthomas/pyjadx Jadx Python Binding
  • [9Star][1y] [PHP] vaibhavpandeyvpz/deapk DeAPK is an open-source, online APK decompiler which lets you upload an APK and then decompile it to Smali or Java sources. It is built using Laravel, Vue.js, Bootstrap, FontAwesome, Pusher, Redis, MySQL, apktool, jadx and hosted atop DigitalOcean cloud platform.

Post

jd-gui

Tools

Post

dex2jar

Tools

  • [7142Star][7m] [Java] pxb1988/dex2jar Tools to work with android .dex and java .class files
  • [100Star][7m] [Java] dexpatcher/dex2jar Unofficial dex2jar builds
  • [85Star][1m] [Py] tp7309/ttdedroid 一键反编译工具One key for quickly decompile apk/aar/dex/jar, support by jadx/dex2jar/enjarify/cfr.
  • [68Star][5y] [Py] ajinabraham/xenotix-apk-reverser Xenotix APK Reverser is an OpenSource Android Application Package (APK) decompiler and disassembler powered by dex2jar, baksmali and jd-core.
  • [60Star][7y] [Java] strazzere/dehoser Unpacker for the HoseDex2Jar APK Protection which packs the original file inside the dex header

Post

apktool

Tools

Post

virtualapk

Tools

  • [7760Star][1y] [Java] didi/virtualapk A powerful and lightweight plugin framework for Android

baksmali

Tools

Post

cSploit

Tools

Post

bytecodeviewer

Tools

  • [10890Star][4m] [Java] konloch/bytecode-viewer A Java 8+ Jar & Android APK Reverse Engineering Suite (Decompiler, Editor, Debugger & More)
  • [1123Star][2m] [Kotlin] ingokegel/jclasslib jclasslib bytecode viewer is a tool that visualizes all aspects of compiled Java class files and the contained bytecode.

MobSF

Tools

  • [5441Star][1m] [Py] mobsf/mobile-security-framework-mobsf Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
  • [25Star][6m] [Shell] soluto/mobsf-ci All that is required to run MobSF in the ci
  • [21Star][2m] [Java] mobsf/mobsf-related-materials MobSF related Presentations, Slides and Others.

Post

androl4b

Tools

  • [822Star][6m] sh4hin/androl4b A Virtual Machine For Assessing Android applications, Reverse Engineering and Malware Analysis

Post

decaf

Tools

  • [535Star][1m] [C] decaf-project/decaf a binary analysis platform based on QEMU. This is also the home of the DroidScope dynamic Android malware analysis platform. DroidScope is now an extension to DECAF.
  • [26Star][3m] [Java] decaf-lang/decaf The new Decaf compiler, rewritten in "modern" Java
  • [22Star][3m] [Rust] decaf-lang/decaf-rs The Decaf compiler, written in Rust

Post

cuckoo-droid

Tools

Some App

ahmyth

Tools

Post

Tools

Topic

Vulnerability

Tools

  • [2164Star][12m] [Py] linkedin/qark Tool to look for several security related Android application vulnerabilities
  • [968Star][3y] [Java] androidvts/android-vts Android Vulnerability Test Suite - In the spirit of open data collection, and with the help of the community, let's take a pulse on the state of Android security. NowSecure presents an on-device app to test for recent device vulnerabilities.
  • [816Star][2y] [C] timwr/cve-2016-5195 CVE-2016-5195 (dirtycow/dirtyc0w) proof of concept for Android
  • [737Star][4y] [Py] androbugs/androbugs_framework AndroBugs Framework is an efficient Android vulnerability scanner that helps developers or hackers find potential security vulnerabilities in Android applications. No need to install on Windows.
  • [607Star][1y] [C] scottybauer/android_kernel_cve_pocs A list of my CVE's with POCs
  • [528Star][3m] [C] jiayy/android_vuln_poc-exp This project contains pocs and exploits for vulneribilities I found (mostly)
  • [486Star][2y] [Py] armissecurity/blueborne PoC scripts demonstrating the BlueBorne vulnerabilities
  • [413Star][2y] [Py] ojasookert/cve-2017-0785 Blueborne CVE-2017-0785 Android information leak vulnerability
  • [408Star][2y] [C] fuzion24/androidkernelexploitationplayground a hands on guide to Linux kernel exploitation with a special interest in Android
  • [389Star][2y] [Java] davidbuchanan314/nxloader My first Android app: Launch Fusée Gelée payloads from stock Android (CVE-2018-6242)
  • [344Star][2y] [C++] ele7enxxh/poc-exp poc or exp of android vulnerability
  • [333Star][3y] [Java] seven456/safewebview Android Safe WebView、解决WebView的Js对象注入漏洞、支持网页将JS函数(function)传到Java层,方便回调;
  • [294Star][11m] [C] tangsilian/android-vuln 安卓内核提权漏洞分析
  • [260Star][1y] [C] chef-koch/android-vulnerabilities-overview An small overview of known Android vulnerabilities
  • [244Star][1m] [C] grant-h/qu1ckr00t A PoC application demonstrating the power of an Android kernel arbitrary R/W.
  • [243Star][3y] [C] hyln9/vikiroot CVE-2016-5195 (Dirty COW) PoC for Android 6.0.1 Marshmallow
  • [240Star][1y] [Ruby] hahwul/droid-hunter (deprecated) Android application vulnerability analysis and Android pentest tool
  • [167Star][1y] [C] jioundai/bluedroid PoCs of Vulnerabilities on Bluedroid
  • [167Star][2y] [JS] logicalhacking/dvhma Damn Vulnerable Hybrid Mobile App (DVHMA) is an hybrid mobile app (for Android) that intentionally contains vulnerabilities.
  • [160Star][4y] [Py] appknox/afe Android Framework for Exploitation, is a framework for exploiting android based devices
  • [142Star][5m] [HTML] sundaysec/android-exploits A collection of android Exploits and Hacks
  • [141Star][5y] [Java] retme7/cve-2014-7911_poc Local root exploit for Nexus5 Android 4.4.4(KTU84P)
  • [135Star][3y] [C] jcadduono/android_external_dirtycow CVE-2016-5195 (dirtycow/dirtyc0w) - recowvery fork
  • [131Star][6y] [Java] fuzion24/androidziparbitrage Exploit for Android Zip bugs: 8219321, 9695860, and 9950697
  • [129Star][2y] [C] smeso/mtpwn PoC exploit for arbitrary file read/write in locked Samsung Android device via MTP (SVE-2017-10086)
  • [127Star][4y] [C] fi01/cve-2015-3636 PoC code for 32 bit Android OS
  • [103Star][1y] [Java] duo-labs/xray X-Ray allows you to scan your Android device for security vulnerabilities that put your device at risk.
  • [97Star][2y] [C] secwiki/android-kernel-exploits android kernel exploits漏洞集合
  • [95Star][1y] [Py] integrity-sa/droidstatx Python tool that generates an Xmind map with all the information gathered and any evidence of possible vulnerabilities identified via static analysis. The map itself is an Android Application Pentesting Methodology component, which assists Pentesters to cover all important areas during an assessment.
  • [89Star][5y] [C] retme7/cve-2014-4322_poc Gain privileges:system -> root,as a part of
  • [84Star][10m] [C] nowsecure/dirtycow radare2 IO plugin for Linux and Android. Modifies files owned by other users via dirtycow Copy-On-Write cache vulnerability
  • [81Star][3y] [C] derrekr/android_security Public Android Vulnerability Information (CVE PoCs etc)
  • [76Star][4y] [C] viralsecuritygroup/knoxout A PoC of KNOXout (CVE-2016-6584) - bypassing Samsung KNOX protections and root Samsung Galaxy S6 Android Device.
  • [70Star][4y] [C++] laginimaineb/cve-2014-7920-7921 Exploit code for CVE-2014-7920 and CVE-2014-7921 - code-exec in mediaserver up to Android 5.1
  • [69Star][2y] [Py] odensc/janus Python script to create an Android APK exploiting the Janus vulnerability.
  • [67Star][6y] [C++] trevd/android_root Got Root!
  • [65Star][2y] [Py] ojasookert/cve-2017-0781 Blueborne CVE-2017-0781 Android heap overflow vulnerability
  • [47Star][3y] silvermoonsecurity/security-misc # Full overview of current vulnerability, exploit , fuzz, mitigation of current major Operation System(Windows, macOS, Linux, Android,iOS and so forath) and popular applicaiton
  • [46Star][4m] [Java] flankerhqd/vendor-android-cves Collections of my POCs for android vendor CVEs
  • [46Star][2m] [Java] flankerhqd/vendor-android-cves Collections of my POCs for android vendor CVEs
  • [43Star][2y] [Shell] xtiankisutsa/twiga A tool that enumerates Android devices for information useful in understanding its internals and for exploit development. It supports android 4.2 to android 7.1.1
  • [39Star][3y] [Py] programa-stic/marvin-dynamic-analyzer Dynamic android vulnerability scanner using OpenNebula and Android-x86 emulators.
  • [39Star][2y] [Py] sundaysec/andspoilt Run interactive android exploits in linux.
  • [38Star][3m] [C] arinerron/cve-2016-5195 Automated Android root via CVE-2016-5195 (dirtycow/dirtyc0w PoC)
  • [37Star][2y] [Java] htbridge/pivaa Created by High-Tech Bridge, the Purposefully Insecure and Vulnerable Android Application (PIVAA) replaces outdated DIVA for benchmark of mobile vulnerability scanners.
  • [36Star][7m] [Py] raymanfx/android-cve-checker Python tool to check your Android kernel for missing CVE patches.
  • [33Star][6m] [Py] monolithworks/trueseeing Non-decompiling Android vulnerability scanner (DC25 demo lab, CB17)
  • [32Star][5y] [Ruby] jduck/addjsif Metasploit Exploit Module for the Android addJavascriptInterface Issue (MITM)
  • [26Star][4m] [Py] alfa100001/-cve-2017-0785-blueborne-poc CVE-2017-0785 BlueBorne PoC
  • [25Star][1m] b3nac/injuredandroid A vulnerable Android application that shows simple examples of vulnerabilities in a ctf style.
  • [24Star][3y] [C] davidbuchanan314/cowroot Universal Android root tool based on CVE-2016-5195. Watch this space.
  • [22Star][3y] [C] sagi/android_pocs Android Vulnerability Reports and POCs.
  • [19Star][1m] [Java] ivan-markovic/android-task-injection Task Hijacking in Android (somebody call it also StrandHogg vulnerability)
  • [18Star][3y] [C] freddierice/farm-root Farm root is a root for android devices using the dirty cow vulnerability
  • [18Star][1y] [C++] tamirzb/cve-2018-9539 PoC code for CVE-2018-9539
  • [15Star][7y] [C] hiikezoe/libperf_event_exploit CVE-2013-2094 exploit for android
  • [15Star][3y] [Java] tanprathan/sievepwn An android application which exploits sieve through android components.
  • [13Star][3y] [C] a7vinx/cve-2015-3636 Expolit for android (goldfish kernel v3.10.0+) on arm64 with PXN&SELinux Bypassed. Based on fi01's code.
  • [13Star][5y] [Perl] irsl/lgosp-poc LG On Screen Phone authentication bypass PoC (CVE-2014-8757)
  • [13Star][6y] [Shell] k3170makan/droidsploit A collection of scripts to find common application vulnerabilities in Android Applications
  • [11Star][4y] [Java] geneblue/cve-2014-7911-exp exploit for cve-2014-7911; android; java deserialization ;system privilege;ace;
  • [11Star][2m] [Java] ioactive/aosp-downloadproviderhijacker PoC Exploiting Permission Bypass in Android's Download Provider (CVE-2018-9468)
  • [10Star][3y] [C] m-mullins/cve-2016-8655_android Android attempt at PoC CVE-2016-8655
  • [9Star][5y] [C] ele7enxxh/fakeodex modify field(modWhen, crc) in android odex file;安卓APP“寄生兽”漏洞
  • [9Star][4y] [Java] heeeeen/cve-2014-7911poc
  • [9Star][2y] [Java] lanrat/tethr Android Tethering Provisioning Check Bypass (CVE-2017-0554)
  • [8Star][3y] [C] timwr/cve-2013-6282 CVE-2013-6282 proof of concept for Android
  • [8Star][2m] [C++] amrashraf/androshield An ASP.NET web application that responsible of detecting and reporting vulnerabilities in android applications by static and dynamic analysis methodologies.
  • [6Star][3y] [Java] ele7enxxh/cve-2014-7911
  • [6Star][2m] [Java] ioactive/aosp-downloadproviderdbdumper PoC Exploiting SQL Injection in Android's Download Provider (CVE-2018-9493)
  • [6Star][2m] [Java] ioactive/aosp-downloadproviderheadersdumper PoC Exploiting Headers Disclosure in Android's Download Provider (CVE-2018-9546)
  • [6Star][2y] [Java] michalbednarski/reparcelbug CVE-2017-0806 PoC (Android GateKeeperResponse writeToParcel/createFromParcel mismatch)
  • [5Star][6y] [PHP] thomascannon/android-cve-2010-4804 Android Data Stealing Vulnerability
  • [3Star][1y] [Java] alexeyzatsepin/cp-tester Android application for finding vulnerabilities in all of content providers based on SQLite databases on your device with sql-injection
  • [3Star][7y] [C] hiikezoe/libfb_mem_exploit CVE-2013-2596 exploit for android
  • [3Star][6y] [Py] niejuhu/pocs Android漏洞验证程序
  • [2Star][3y] [Py] kr1shn4murt1/exploit-ms-17-010 Exploit para vulnerabilidad ms17-010 desde android
  • [2Star][6y] yangwenbo/resetpin POC of Android Fragment Injection vulnerability, about reset PIN
  • [1Star][3m] [Py] brant-ruan/idf4apev Integrated Detection Framework for Android's Privilege Escalation Vulnerabilites

Post

Malware

Tools

Post

Forensics

Tools

  • [395Star][2m] [Py] den4uk/andriller a collection of forensic tools for smartphones
  • [255Star][1m] [Py] orlikoski/cdqr a fast and easy to use forensic artifact parsing tool that works on disk images, mounted drives and extracted artifacts from Windows, Linux, MacOS, and Android devices
  • [108Star][5y] [Py] mspreitz/adel dumps all important SQLite Databases from a connected Android smartphone to the local disk and analyzes these files in a forensically accurate workflow
  • [108Star][3y] projectretroscope/retroscope Public release of the RetroScope Android memory forensics framework
  • [41Star][3y] [HTML] scorelab/androphsy An Open Source Mobile Forensics Investigation Tool for Android Platform
  • [26Star][4y] [Py] cyberhatcoil/acf Android Connections Forensics
  • [8Star][8y] [Py] agnivesh/aft [Deprecated] Android Forensic Toolkit

Post

Hook

XPosed

Tools

  • [1763Star][2y] [Java] ac-pm/inspeckage Android Package Inspector - dynamic analysis with api hooks, start unexported activities and more. (Xposed Module)
  • [1730Star][4m] [Java] tiann/epic Dynamic java method AOP hook for Android(continution of Dexposed on ART), Supporting 4.0~10.0
  • [708Star][1m] [Java] ganyao114/sandhook Android ART Hook/Native Inline Hook/Single Instruction Hook - support 4.4 - 10.0 32/64 bit - Xposed API Compat
  • [429Star][4y] [Makefile] mindmac/androideagleeye An Xposed and adbi based module which is capable of hooking both Java and Native methods targeting Android OS.
  • [220Star][1y] [C] gtoad/android_inline_hook Build an so file to automatically do the android_native_hook work. Supports thumb-2/arm32 and ARM64 ! With this, tools like Xposed can do android native hook.
  • [169Star][2m] [Java] 546669204/wechatbot-xposed A WeChat robot unit ,based on the android xposed framework hook to implement WeChat app robot functions
  • [128Star][2y] [Java] bmax121/budhook An Android hook framework written like Xposed,based on YAHFA.
  • [104Star][5y] [Java] rednaga/dexhook DexHook is a xposed module for capturing dynamically loaded dex files.
  • [50Star][1y] [Py] hrkfdn/deckard Deckard performs static and dynamic binary analysis on Android APKs to extract Xposed hooks

Post

Frida

Tools

  • [277Star][2y] [Py] antojoseph/frida-android-hooks Lets you hook Method Calls in Frida ( Android )
  • [271Star][1m] [JS] frenchyeti/dexcalibur Dynamic binary instrumentation tool designed for Android application and powered by Frida. It disassembles dex, analyzes it statically, generates hooks, discovers reflected methods, stores intercepted data and does new things from it. Its aim is to be an all-in-one Android reverse engineering platform.
  • [99Star][2y] [Java] piasy/fridaandroidtracer A runnable jar that generate Javascript hook script to hook Android classes.
  • [30Star][9m] [TS] igio90/frida-onload Frida module to hook module initializations on android
  • [3Star][3m] [Py] margular/frida-skeleton This repository is supposed to define infrastructure of frida on hook android including some useful functions

Post

Tools

Post

Harden&&Crack

Other

Dalvik

Tools

Post

APK

Tools

  • [14704Star][3m] [Java] tencent/tinker Tinker is a hot-fix solution library for Android, it supports dex, library and resources update without reinstall apk.
  • [6265Star][3m] [Java] droidpluginteam/droidplugin A plugin framework on android,Run any third-party apk without installation, modification or repackage
  • [1879Star][1m] [Java] yeriomin/yalpstore Download apks from Google Play Store
  • [1521Star][6m] [C++] vaibhavpandeyvpz/apkstudio Open-source, cross platform Qt based IDE for reverse-engineering Android application packages.
  • [1329Star][1y] [Shell] dana-at-cp/backdoor-apk a shell script that simplifies the process of adding a backdoor to any Android APK file.
  • [1215Star][2m] [Java] javiersantos/piracychecker An Android library that prevents your app from being pirated / cracked using Google Play Licensing (LVL), APK signature protection and more. API 14+ required.
  • [914Star][7y] [Java] sonyxperiadev/apkanalyser ApkAnalyser
  • [745Star][2m] [YARA] rednaga/apkid Android Application Identifier for Packers, Protectors, Obfuscators and Oddities - PEiD for Android
  • [685Star][1m] [Batchfile] ufologist/onekey-decompile-apk 一步到位反编译apk工具(onekey decompile apk)
  • [678Star][7y] [Java] honeynet/apkinspector APKinspector is a powerful GUI tool for analysts to analyze the Android applications.
  • [589Star][4m] [Java] alexzaitsev/apk-dependency-graph Android class dependency visualizer. This tool helps to visualize the current state of the project.
  • [552Star][5y] [Shell] lxdvs/apk2gold CLI tool for decompiling Android apps to Java. It does resources! It does Java! Its real easy!
  • [544Star][1y] [Java] jaredrummler/apkparser APK parser for Android
  • [541Star][1m] [Java] windysha/xpatch 免Root实现app加载Xposed插件工具。This is a tool to repackage apk file, then the apk can load any xposed modules installed in the device. It is another way to hook an app without root device.
  • [502Star][3m] [TS] shroudedcode/apk-mitm
  • [495Star][4m] [Shell] s0md3v/diggy Extract endpoints from apk files.
  • [391Star][6m] [Java] patrickfav/uber-apk-signer A cli tool that helps signing and zip aligning single or multiple Android application packages (APKs) with either debug or provided release certificates. It supports v1, v2 and v3 Android signing scheme has an embedded debug keystore and auto verifies after signing.
  • [376Star][2y] [Shell] m4sc3r4n0/evil-droid a framework that create & generate & embed apk payload to penetrate android platforms
  • [332Star][2m] [Shell] 1n3/reverseapk Quickly analyze and reverse engineer Android packages
  • [304Star][2m] [Shell] venshine/decompile-apk auto decompile function for produce Java source code and resources from Android Apk files that displayed on GUI.
  • [289Star][2m] [Py] abhi-r3v0/adhrit Android Security Suite for APK reversing, in-depth reconnaissance and static bytecode analysis based on Ghera benchmarks.
  • [288Star][5m] [Java] appium/sign Sign.jar automatically signs an apk with the Android test certificate.
  • [283Star][3y] [Java] fourbrother/icodetools Android中动态自动插入代码到apk中工具
  • [266Star][2y] [Java] l-jinbin/apksignaturekiller 一键破解APK签名校验
  • [253Star][2y] [Java] godlikewangjun/dexknife-wj apk加固插件 带签名校验、dex加密、资源混淆
  • [230Star][4y] [Ruby] strazzere/apkfuscator A generic DEX file obfuscator and munger
  • [196Star][2m] [Py] claudiugeorgiu/obfuscapk A black-box obfuscation tool for Android apps
  • [190Star][3y] [Py] andy10101/apkdetecter Android Apk查壳工具及源代码
  • [181Star][2m] [JS] chenquincy/app-info-parser A javascript parser for parsing .ipa or .apk files. IPA/APK文件 js 解析器
  • [175Star][4m] [Java] calebfenton/apkfile Android app analysis and feature extraction library
  • [168Star][2y] [Py] certcc/keyfinder A tool for finding and analyzing private (and public) key files, including support for Android APK files.
  • [161Star][2y] [Java] iqiyi/dexsplitter Analyze contribution rate of each module to the apk size
  • [149Star][2y] [Py] mhelwig/apk-anal Android APK analyzer based on radare2 and others.
  • [148Star][2m] [Py] yukiarrr/il2cppspy Unity IL2CPP Disassembler (for apk)
  • [135Star][5y] [Java] wanchouchou/apkprotect 通付盾第一代安全加固方案
  • [109Star][2m] [Py] quarkslab/legu_unpacker_2019 Scripts to unpack APK protected by Legu
  • [107Star][1m] [Py] zsdlove/apkvulcheck This is a tool to help androidcoder to check the flaws in their projects.
  • [107Star][7m] [Py] alessandrodd/apk_api_key_extractor Automatically extracts API Keys from APK files
  • [106Star][2m] [Py] virb3/apk-utilities A cross-platform suite of scripts and utilities for working with APK files
  • [96Star][2y] [Shell] adi1090x/hackapk An Advanced Tool For Complete Apk-Modding In Termux ...
  • [95Star][2y] [Shell] jbreed/apkwash Android APK Antivirus evasion for msfvenom generated payloads.
  • [94Star][6m] [Py] furniel/apk-changer Command line program for modifying apk files
  • [85Star][11m] [C++] kefir500/apk-icon-editor APK editor to easily change APK icons, name and version.
  • [83Star][1m] [Py] wulio/coeus Android apk/sdk Scan包括android apk/sdk 安全审计代码扫描以及国内政策扫描
  • [81Star][1m] [Kotlin] linkedin/dex-test-parser Find all test methods in an Android instrumentation APK
  • [79Star][3y] [Ruby] xc0d3rz/metasploit-apk-embed-payload Embed a Metasploit Payload in an Original .Apk File
  • [71Star][1m] [Shell] hax4us/apkmod Apkmod can decompile, recompile, sign APK, and bind the payload with any legit APP
  • [69Star][3m] [C++] kefir500/apk-editor-studio Powerful yet easy to use APK editor.
  • [65Star][3m] [C++] sisong/apkdiffpatch a C++ library and command-line tools for Zip(Jar,Apk) file Diff & Patch; create minimal delta/differential; support Jar sign(apk v1 sign) & apk v2,v3 sign .
  • [62Star][11m] [Py] andy10101/apksecurityanalysis ApkSecurityAnalysis
  • [61Star][5y] [Py] hamiltoniancycle/classnamedeobfuscator Simple script to parse through the .smali files produced by apktool and extract the .source annotation lines.
  • [50Star][3y] [Shell] osm0sis/apk-patcher Patch APKs on-the-fly from Android recovery (Proof of Concept)
  • [49Star][3y] [Py] mothran/apkminer Parallel APK analyzer
  • [49Star][2m] [Java] catherine22/classloader Loading apks or classes without reinstalling your app.
  • [48Star][3y] [Java] linsea/apkcompare A tool to compare 2 version APKs to find out files change. 比较两个版本的APK以找出文件大小变化的工具
  • [47Star][8m] [Py] cryptax/angeapk Encrypting a PNG into an Android application
  • [47Star][3y] [Shell] onbiron/apk-resigner A bash script utility for resining Android Package (APK) files.
  • [46Star][6y] [Py] funsecurity/apk_binder_script apk binder script
  • [42Star][3y] [Shell] jbreed/apkinjector Android APK Antivirus evasion for msfvenom generated payloads to inject into another APK file for phishing attacks.
  • [40Star][3y] [Py] h0nus/spynoteshell Simple Python tool for backdooring apks files (with meterpreter or shell of Metasploit)
  • [35Star][9m] [Shell] robertohuertasm/apk-decompiler Small Rust utility to decompile Android apks
  • [33Star][3y] [Ruby] skulltech/apk-payload-injector POC for injecting Metasploit payloads on arbitrary APKs
  • [32Star][1y] [Java] project-artist/dexterous Library and standalone CLI tool for apk/dex merging, repackaging and signing. Can also get used as a dex analyzer framework.
  • [29Star][2m] [Java] martinstyk/apkanalyzer Java tool for analyzing Android APK files
  • [29Star][3m] [Go] avast/apkparser APK manifest & resources parsing in Golang.
  • [26Star][1y] [Ruby] ajitsing/apktojava View android apk as java code in gui
  • [26Star][4m] [Java] calebfenton/resequencer Configurable, flexible regex-based APK modification tool.
  • [21Star][3y] [Py] kudelskisecurity/check_all_apks Check All APK's -- scripts for checking your phone for malware
  • [20Star][5m] [Py] hexabin/apkstat Automated Information Retrieval From APKs For Initial Analysis
  • [20Star][3m] [Shell] gzu-liyujiang/apkdecompiler 【Linux系统】上apk反编译助手,已打包为ApkDecompiler.deb,支持debian系linux,如debian、ubuntu、mint、deepin等等
  • [20Star][2y] [Go] phinexdaz/ipapk ipa or apk parser written in golang, aims to extract app information
  • [19Star][5m] [Go] avast/apkverifier APK Signature verification in Go. Supports scheme v1, v2 and v3 and passes Google apksig's testing suite.
  • [17Star][5y] [JS] dweinstein/node-aptoide aptoide app store APK download
  • [15Star][10m] [C] magisterquis/pcapknock Watches for trigger packets, runs commands or spawns a shell
  • [14Star][4y] [Py] ryanwsmith/apkinspector
  • [14Star][2y] [Py] fourspaces/reverse_lianjia_wxapkg 逆向链家微信小程序,解析 请求的加密方式获取数据
  • [13Star][3y] [Scala] fschrofner/glassdoor glassdoor is a modern, autonomous security framework for Android APKs. POC, unmaintained unfortunately.
  • [13Star][2m] [Java] iamyours/apkcrack A tool that make your apk debuggable for Charles/Fiddler in Android 7.0
  • [12Star][6y] [Ruby] nvisium/ruby_apk_unpack Ruby Gem to Unpack APK(s)
  • [12Star][2m] [JS] shahidcodes/android-nougat-ssl-intercept It decompiles target apk and adds security exception to accept all certificates thus making able to work with Burp/Charles and Other Tools
  • [12Star][2m] [Java] orhun/apkservinject Tool for injecting (smali) services to APK files
  • [11Star][8m] [Ruby] fuzion24/webapkcrawler Uses Google to search for .apks hosted on websites and downloads them
  • [9Star][3y] [Py] voider1/a2scomp A tool to make it easier to change the SMALI of an APK
  • [8Star][3y] [Shell] manofftoday/venomdroid3 Script that easily creates, signs and AV bypass .apk metasploit reverse_tcp payload.
  • [7Star][3y] [Ruby] strazzere/ewmami A gem will allow you to query the Google Play APK Verification (AntiMalware) service
  • [6Star][1y] as0ler/android-examples APK's used as example Apps for decompiling
  • [4Star][1m] [Py] technowlogy-pushpender/apkinfector Advanced Android AV Evasion Tool Written In Python 3 that can Embed/Bind meterpreter APK to any Legitimate APK
  • [3Star][4m] [Shell] deadport/apkill Pentest script for Aircrack-ng on debianesque systems that makes deauthing clients and catching handshakes of WiFi simple and fast.
  • [3Star][12m] [Visual Basic .NET] pericena/apkcpd Compilar aplicaciones apk
  • [3Star][11m] [Visual Basic .NET] pericena/apkdcx Los programas nos ayudara a poder descomprimir o descompilar las aplicaciones que son desarrollada en Android, con la extensión”.apk “para poder modificar el código y mejorar la aplicación.
  • [2Star][1y] [Py] thor509/apk_digger
  • [1Star][1y] [Py] b11001010/koodous-report-downloader Get apk's analysis report from
  • [1Star][6y] huyle333/androidmitllctf2013 BUILDS Team 2 Android code from the MIT LL CTF 2013 for future reference. A list of APK files with different functions.
  • [0Star][5y] [C++] raziel23x/apk-gamers-side-shooter

ADB

Tools

  • [607Star][5m] [Py] ashishb/adb-enhanced
  • [585Star][1m] [Py] metachar/phonesploit Using open Adb ports we can exploit a Andriod Device
  • [561Star][2m] [Shell] corbindavenport/nexus-tools Bash script for quickly installing ADB and Fastboot on macOS and Linux.
  • [470Star][7y] [Shell] kosborn/p2p-adb Phone to Phone Android Debug Bridge - A project for "debugging" phones... from other phones.
  • [401Star][1m] [Java] rikkaapps/shizuku Help normal apps using system APIs directly with adb/root privileges through a Java process started with app_process.
  • [258Star][2m] [Shell] 4ch12dy/xadb some useful adb commands for android reversing and debugging both 32 and 64 bit and support macOS and win10's MINGW64.
  • [242Star][1y] [Py] tiann/super-adb Enhance the adb shell using busybox, supporting vi、grep and awk etc. No need root.
  • [206Star][3y] [Java] cgutman/adblib A Java library implementation of the ADB network protocol
  • [206Star][2y] [C#] labo89/adbgui Wrapper for Android Debug Bridge (ADB) written in C#
  • [148Star][1m] [Shell] izzysoft/adebar Android DEvice Backup And Report, using Bash and ADB
  • [125Star][8m] [Ruby] mttkay/replicant A REPL for the Android Debug Bridge (ADB)
  • [122Star][5y] irsl/adb-backup-apk-injection Android ADB backup APK Injection POC
  • [104Star][4m] [Py] huuck/adbhoney Low interaction honeypot designed for Android Debug Bridge over TCP/IP
  • [103Star][1m] [JS] webadb/webadb.js ADB host implementation based on WebUSB
  • [92Star][2m] [Java] rikkaapps/wadb A simple switch for adb (Android Debug Bridge) over network.
  • [88Star][3m] [Java] patrickfav/uber-adb-tools A tool that enables advanced features through adb installing and uninstalling apps like wildcards and multi device support. Useful if you want to clean your test device from all company apks or install a lot of apks in one go. Written in Java so it should run on your platform.
  • [41Star][5y] [Py] techbliss/adb_helper_qt_super_version All You Need For Ida Pro And Android Debugging
  • [39Star][3y] [JS] naman14/gnome-android-tool Gnome shell extension for adb tools
  • [33Star][1m] [Py] entynetproject/ghost Ghost Framework is an Android post exploitation framework that uses an Android Debug Bridge to remotely access an Android device. Ghost Framework gives you the power and convenience of remote Android device administration.
  • [28Star][7m] [Go] cs8425/go-adbbot android bot based on adb and golang
  • [14Star][1m] [Shell] ashwin990/adb-toolkit ADB-Toolkit V2 for easy ADB tricks with many perks in all one. ENJOY!
  • [8Star][3m] [Lua] wazehell/remote-adb-scan pure python remote adb scanner + nmap scan module
  • [3Star][3y] prashantmi/android-h Android Hacker is a software based on ADB (Android Debug Bridge) and can compromise any "Android Device"

Post

IDA Pro

Tools

Post

Frida

Tools

Post

Tools

Post

Contribute

Contents auto exported by Our System, please raise Issue if you have any question.