Learn practical Mobile and API security techniques: API Key, Static and Dynamic HMAC, Dynamic Certificate Pinning, and Mobile App Attestation.

This is a skeleton of an APK where different Android permissions and services made in Kotlin are used.

A tool to shift-left sensitive changes on your Android deployable archives

IntelliJ Platform plugin designed to enhance your security by scanning project build scripts for malicious code before you open them.

Automate Android devices with an LLM agent that takes natural language commands from messaging apps and runs device tasks autonomously

A security-hardened Android browser built for private, safe, and protected online banking.

Android overlay attack & SMS OTP stealer PoC using AccessibilityService — security research only

A mobile caller identification application that helps identify unknown callers, block spam calls, and manage contacts. Built with modern tools to provide real-time caller information and enhance call management experience.

📱 NullSec Mobile - Security toolkit for Android & iOS | Network scanner, WiFi analyzer, hash tools, crypto utilities | Pentesting on the go | @anonantics | discord.gg/killers

Exploring android security by delving into Intents, using secure API calls, finding vulnerabilities in design and making application lighter and safer by removing unnecessary data collecting code

Sentinel is a lightweight and modular Kotlin multiplatform security toolkit designed to analyze operating environments and detect potential security threats in real time.

Android call redirection attack PoC using CallRedirectionService & InCallService - security research only

A Rogue App that explores some AndroGoat project vulnerabilities

This is a transparent, user-controlled SMS forwarding Android app built to demo how sensitive permissions like SMS access can be abused and why users should be careful when granting them. The app listens for incoming SMS messages and, forward to your configured ph.no, it doesnot have any internet permission and made for educ purpose safe to use.

VARYNX — Privacy-first offline security engine for Android. 10 real-time threat modules, zero cloud dependency, zero data collection.

Android app that reveals how anti-fraud SDKs detect VPN usage on your device

Open-source Android security scanner and endpoint detection (EDR). Detects spyware, stalkerware, and malware entirely on-device.

Next-gen Android security: On-device AI malware scanning, real-time threat protection, network traffic analysis, and cloud-powered threat intelligence.

Privacy guard Android app — audit permissions, detect background data usage, track trackers. Built with Kotlin + Firebase.

Bachelor Thesis - App for demonstrating the development method to securely erase data on an android device