Stars
Open Source Vulnerability Management Platform
A curated list of awesome Ghidra materials
Analysis scripts for Ghidra to work with Android NDK libraries.
UNIX-like reverse engineering framework and command-line toolset
This repository contains wordlists for brute-forcing paths/files for web pentesting.
Burp Suite extension that mutates ciphers to bypass TLS-fingerprint based bot detection
Tool to look for several security related Android application vulnerabilities
Nuclei Templates Collection
Skill de Pentesting para Android
Android Application Identifier for Packers, Protectors, Obfuscators and Oddities - PEiD for Android
smalidea is a smali language plugin for IntelliJ IDEA
Colored logcat script which only shows log entries for a specific application package.
Next.js v16.2.4 Security PoC Collection (CVE-2026-23870, CVE-2026-44575, CVE-2026-44579, CVE-2026-44574, CVE-2026-44578, CVE-2026-44573, CVE-2026-44581, CVE-2026-44580, CVE-2026-44577, CVE-2026-445…
This is a curated list of mobile based CTFs, write-ups and vulnerable apps. Most of them are android based due to the popularity of the platform.
BugBounty-Recon-Methodology
Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.
DIVA Android - Damn Insecure and vulnerable App for Android
Checks if an Android application has successfully completed the "App Link Verification" process for Android App Links.
hax0rgb / InsecureShop
Forked from optiv/InsecureShopAn Intentionally designed Vulnerable Android Application built in Kotlin.
My own collection of Frida scripts and tricks
Tool for finding URLs, paths, secrets and generating raw HTTP requests and OpenApi specifications from config files and annotations used in JAR / WAR / APK applications.
smali and baksmali - release artifacts for all versions (v3 by @google, v2 and v1 by @JesusFreke)