A reverse engineering tool for decompiling and disassembling the React Native Hermes bytecode

Yandex Cloud CloudQuery source plugin

A collection of Semgrep rules derived from the OWASP MASTG specifically for Android applications.

Miller is like awk, sed, cut, join, and sort for name-indexed data such as CSV, TSV, and tabular JSON

Integrate Magisk root and Google Apps into WSA (Windows Subsystem for Android)

Bring projects, wikis, and teams together with AI. AppFlowy is the AI collaborative workspace where you achieve more without losing control of your data. The leading open source Notion alternative.

SQL-like query language for csv

LSPosed Framework

Collection of Facebook Bug Bounty Writeups

A command-line tool for downloading APK files from various sources

Intent traffic monitoring tool.

Community curated list of public bug bounty and responsible disclosure programs.

ProxyLogon is the formally generic name for CVE-2021-26855, a vulnerability on Microsoft Exchange Server that allows an attacker bypassing the authentication and impersonating as the admin. We have…

🎨 Make your screenshot/image more professional by rotating, adding shadow and more.

A Java 8+ Jar & Android APK Reverse Engineering Suite (Decompiler, Editor, Debugger & More)

Android binary file parser written in golang

This repository contains various media files for known attacks on web applications processing media files. Useful for penetration tests and bug bounty.

AERoot is a command line tool that allows you to give root privileges on-the-fly to any process running on the Android emulator with Google Play flavors AVDs.

HopLa Burp Suite Extender plugin - Brings AI capabilities, autocompletion support, and a set of useful payloads to Burp Suite

Some of D3.js v5 example pages visualize the result from Neo4j

ActivityPub-federated video streaming platform using P2P directly in your web browser

Kraker is a distributed password brute-force system that focused on easy use.

🌠 Manage your shell commands.

Reverse engineering and pentesting for Android applications

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous …

A collection of android security related resources

Burp extension to filter JSON on the fly with JQ queries in the HTTP message viewer.

Extract uncompiled, uncompressed SPA code from Webpack source maps.

Burpsuite Extension to bypass 403 restricted directory

This is a write-up for the Now Secure Android reverse engineering CTF based on analysing a car key-less application. ... It has nothing to do with the Tesla CyberTruck.