Everything you need to know to get the job.

Ghidra is a software reverse engineering (SRE) framework

Dex to Java decompiler

A Java 8+ Jar & Android APK Reverse Engineering Suite (Decompiler, Editor, Debugger & More)

The ZAP by Checkmarx Core project

Cryptomator for Windows, macOS, and Linux: Secure client-side encryption for your cloud storage, ensuring privacy and control over your data.

Style and Grammar Checker for 25+ Languages

Tink is a multi-language, cross-platform, open source library that provides cryptographic APIs that are secure, easy to use correctly, and hard(er) to misuse.

Tools to work with android .dex and java .class files

Tsunami is a general purpose network security scanner with an extensible plugin system for detecting high severity vulnerabilities with high confidence.

OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.

An xposed module that disables SSL certificate checking for the purposes of auditing an app with cert pinning

An Open Source Java Decompiler Gui for Procyon

OpenGrok is a fast and usable source code search and cross reference engine, written in Java

SpotBugs is FindBugs' successor. A tool for static analysis to look for bugs in Java code.

Hackpad is a web-based realtime wiki.

Implementation of Algorithms and Data Structures, Problems and Solutions

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

Android Package Inspector - dynamic analysis with api hooks, start unexported activities and more. (Xposed Module)

BinNavi is a binary analysis IDE that allows to inspect, navigate, edit and annotate control flow graphs and call graphs of disassembled code.

Autopsy® is a digital forensics platform and graphical interface to The Sleuth Kit® and other digital forensics tools. It can be used by law enforcement, military, and corporate examiners to invest…

Supplementary resources for the AWS Lambda Developer Guide

The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala projects)

The new bridge between Burp Suite and Frida!

Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules thro…

Web and mobile application security training platform

Vulnerable app with examples showing how to not use secrets

Coverage-guided, in-process fuzzing for the JVM

Takes third-party HTML and produces HTML that is safe to embed in your web application. Fast and easy to configure.