Ghidra is a software reverse engineering (SRE) framework

Everything you need to know to get the job.

Dex to Java decompiler

A Java 8+ Jar & Android APK Reverse Engineering Suite (Decompiler, Editor, Debugger & More)

A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.

MCP Server for Ghidra

Runtime code generation for the Java virtual machine.

AIMSICD • Fight IMSI-Catcher, StingRay and silent SMS!

Decompiler from Java bytecode to Java, used in IntelliJ IDEA.

No-root network monitor, firewall and PCAP dumper for Android

iOS and macOS Decompiler

Android backup extractor

TCP/UDP Non-HTTP Proxy Extension (NoPE) for Burp Suite.

JasperReports® - Free Java Reporting Library

Spring Boot web application vulnerable to Log4Shell (CVE-2021-44228).

A malicious LDAP server for JNDI injection attacks

Core annotations (annotations that only depend on jackson-core) for Jackson data processor

An android Dex protection shell implementation

Damn Vulnerable Bank is designed to be an intentionally vulnerable android application. This provides an interface to assess your android application security hacking skills.

Oversecured Vulnerable Android App

Java .class to .cpp converter for use with JNI

Building Microservices with Spring Boot

🔐 Tutorial of setting up Security for your API with one way authentication with TLS/SSL and mutual authentication for a java based web server and a client with both Spring Boot. Different clients a…

JMX enumeration and attacking tool.

Open source Android Forensics app and framework

Analysis scripts for Ghidra to work with Android NDK libraries.

A collection of Semgrep rules derived from the OWASP MASTG specifically for Android applications.

CERT Kaiju is a binary analysis framework extension for the Ghidra software reverse engineering suite. This repository is the primary, canonical repository for this project -- file bug reports and …

Samples for the Google SafetyNet Attestation API