Starred repositories
Ghidra is a software reverse engineering (SRE) framework
A Frida MCP server to enable autonomous AI assistance for Android instrumentation
iOS Utils TrollStore App reboot your device
IDE to develop native code iOS apps on unjailbroken iOS itself, just via a certificate and a kernel virtualization layer for those apps.
Attempt to manipulate platform process task port with CoreTrust bug alone
idb is a flexible command line interface for automating iOS simulators and devices
AI agents can now use real Android and iOS apps, just like a human.
Source code for the paper "Empowering LLM to use Smartphone for Intelligent Task Automation"
AppAgent: Multimodal Agents as Smartphone Users, an LLM-based multimodal agent framework designed to operate smartphone apps.
AgentCPM-GUI: An on-device GUI agent for operating Android apps, enhancing reasoning ability with reinforcement fine-tuning for efficient task execution.
The official repo for iDevice Toolkit, my iOS tweaking / customization tool for iOS 16.0 - 18.5 and iOS 26
Patch iOS Apps, The Easy Way, Without Jailbreak.
Binder Trace is a tool for intercepting and parsing Android Binder messages. Think of it as "Wireshark for Binder".
eBPF Developer Tutorial: Learning eBPF Step by Step with Examples
HTTP proxy server, supports HTTPS & WebSocket. MITM implementation, intercepts and tampers with HTTPS traffic.
Capturing SSL/TLS plaintext without a CA certificate using eBPF. Supported on Linux/Android kernels for amd64/arm64.
A debugging and profiling tool that can trace and visualize Python code execution
Timeless debugging with symbolic execution and processor trace
Scripts to unpack APK protected by Legu
A taint tracer based on DynamoRIO, currently ARM only
An LLVM-based instrumentation tool for universal taint tracking, dataflow analysis, and tracing.