Keep passwords and other sensitive information out of your inboxes and chat logs.

1 script run the vphone

Frida-powered hook runner based on JSON hook files.

Documenting your Threat Models with HCL

The OWASP Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes technical processes for verifying the OWA…

Invictus Threat Intelligence: IOCs and TTPs from blogs, research and more

iOS and macOS Decompiler

AI Security tool to deobfuscate and find any potential vulnerabilities in android apps.

Your gateway to OWASP. Discover, engage, and help shape the future!

Integration and automation API for Corellium

An Intentionally Vulnerable Android App

A description of the electronics of the artwork decision tree, 2024

Run Capture the Flags and Security Trainings with OWASP WrongSecrets

OWASP Foundation Web Respository

game of active directory

A collection of Semgrep rules derived from the OWASP MASTG specifically for Android applications.

OWASP Foundation Web Respository

An Open Letter to the OWASP Board

Vulnerability scanner written in Go which uses the data provided by https://osv.dev

Vulnerable app with examples showing how to not use secrets

A repo to house files for our blogposts on blog.nviso.eu

List of vendors that do not allow IMDSv2 enforcement

DIY Alexa

The Swiss Army Container for Cloud Native Security. Container with all the list of useful tools/commands while hacking and securing Containers, Kubernetes Clusters, and Cloud Native workloads.

mobsfscan is a static analysis tool that can find insecure code patterns in your Android and iOS source code. Supports Java, Kotlin, Swift, and Objective C Code. mobsfscan uses MobSF static analysi…

Rules engine for cloud security, cost optimization, and governance, DSL in yaml for policies to query, filter, and take actions on resources