# Mobile App Security Testing Frameworks > Search results for `mobile app security testing framework for Android and iOS` on awesome-repositories.com. 115 total matches; showing the first 50. Explore on the web: https://awesome-repositories.com/q/mobile-app-security-testing-framework-for-android-and-ios **Attribution required: if you use, quote, or summarise this content, you must credit and link back to [this search on awesome-repositories.com](https://awesome-repositories.com/q/mobile-app-security-testing-framework-for-android-and-ios).** ## Results - [mobsf/mobile-security-framework-mobsf](https://awesome-repositories.com/repository/mobsf-mobile-security-framework-mobsf.md) (21,224 ⭐) — Mobile Security Framework is an automated security testing platform designed for the analysis of Android, iOS, and Windows mobile application binaries. It functions as a comprehensive suite for identifying security vulnerabilities, privacy risks, and malicious code within mobile software packages. The framework distinguishes itself by combining static and dynamic analysis techniques to evaluate application behavior. It performs static inspection of source code and binaries to detect insecure patterns, while simultaneously utilizing dynamic instrumentation and containerized sandboxing to monit - [android/testing-samples](https://awesome-repositories.com/repository/android-testing-samples.md) (9,297 ⭐) — This is a collection of sample projects that demonstrate how to write automated tests for Android applications. The samples cover a range of testing techniques, including simulating user interactions with the Espresso framework, verifying navigation and inter-component communication through intent interception, and managing activity, intent, and service lifecycles using reusable test rules. The repository provides concrete implementations for testing across multiple application windows, capturing screenshots during test execution for visual verification, and synchronizing test assertions with - [m0bilesecurity/rms-runtime-mobile-security](https://awesome-repositories.com/repository/m0bilesecurity-rms-runtime-mobile-security.md) (2,971 ⭐) — This project is an Android security analysis toolkit and mobile app runtime manipulator designed for reverse engineering and auditing mobile applications. It provides a system for modifying Java classes and method behavior in active mobile processes to bypass security controls. The toolkit includes a web-based interface for controlling the instrumentation engine and a specialized utility for disabling certificate validation to intercept and inspect encrypted network traffic via SSL pinning bypass. It also features an Android file explorer for browsing and managing files within private data di - [dyad-sh/dyad](https://awesome-repositories.com/repository/dyad-sh-dyad.md) (19,648 ⭐) — Dyad is a local, artificial intelligence-powered development environment designed to manage, edit, and scaffold full-stack software projects. It functions as an automated codebase manager and code editor that leverages language models to execute programming tasks, maintain project context, and apply targeted modifications directly to source files on a user's machine. The platform distinguishes itself through a model-agnostic architecture that allows for flexible integration with various language model runtimes. It provides specialized operational modes to optimize development speed and effici - [fmhy/fmhy](https://awesome-repositories.com/repository/fmhy-fmhy.md) (13,150 ⭐) — FMHY is a community-driven index designed to organize and distribute decentralized digital content through standardized metadata and protocol-agnostic linking. It functions as a resilient, distributed map of internet resources, providing a structured directory that facilitates the discovery of media, software, and educational tools without reliance on centralized control. The project distinguishes itself by maintaining a massive, human-verified repository of external links that span diverse digital ecosystems, including peer-to-peer networks, Usenet, and direct download servers. By utilizing - [chatwoot/chatwoot](https://awesome-repositories.com/repository/chatwoot-chatwoot.md) (31,959 ⭐) — Chatwoot is a self-hosted, omnichannel customer support platform designed to aggregate messages from diverse social and digital channels into a single, collaborative team inbox. It provides organizations with full data ownership and control over their support infrastructure, ensuring strict logical separation of customer data through multi-tenant architecture. By centralizing communication, the platform enables teams to manage, route, and resolve inquiries within a unified workspace that maintains complete interaction history for every contact. The platform distinguishes itself through an eve - [1n3/sn1per](https://awesome-repositories.com/repository/1n3-sn1per.md) (10,049 ⭐) — Sn1per is a vulnerability management platform and penetration testing orchestrator designed to automate reconnaissance, vulnerability scanning, and exploit verification. It functions as a dockerized security toolkit that coordinates multiple tools into a unified automated pipeline to identify security flaws across network and web assets. The platform features an attack surface manager for discovering internet-facing assets through OSINT, DNS enumeration, and certificate transparency. It distinguishes itself with an AI-powered security analyzer that uses large language models to summarize scan - [dedsyn4ps3/tauri-mobile-test](https://awesome-repositories.com/repository/dedsyn4ps3-tauri-mobile-test.md) (145 ⭐) — An example app using the new Tauri Mobile alpha - [fingerprintjs/fingerprintjs](https://awesome-repositories.com/repository/fingerprintjs-fingerprintjs.md) (27,334 ⭐) — Fingerprint is a visitor identification and fraud detection platform that generates persistent, unique identifiers by analyzing browser and device attributes. By extracting technical signals from the client environment, it enables reliable user tracking across sessions without relying on traditional cookies. The platform distinguishes itself through its focus on high-accuracy identification and security-first architecture. It employs edge-side proxying to bypass ad-blockers and privacy restrictions, ensuring consistent data collection. To maintain data integrity, it uses cryptographic payload - [trimstray/the-book-of-secret-knowledge](https://awesome-repositories.com/repository/trimstray-the-book-of-secret-knowledge.md) (228,641 ⭐) — This project serves as a centralized, community-driven repository of technical knowledge and administrative resources. It provides a structured taxonomy that aggregates disparate information into a searchable framework, supporting continuous learning and rapid problem-solving for system administrators and cybersecurity practitioners. By mapping resources across offensive security, infrastructure management, and software development, it offers a unified path for skill acquisition and professional reference. The project is defined by a command-line-first design philosophy, prioritizing terminal - [chatwoot/chatwoot-mobile-app](https://awesome-repositories.com/repository/chatwoot-chatwoot-mobile-app.md) (933 ⭐) — Mobile app for Chatwoot - React Native - [scottyab/rootbeer](https://awesome-repositories.com/repository/scottyab-rootbeer.md) (2,858 ⭐) — Rootbeer is an Android security SDK and root detection library designed to verify device integrity and identify operating system tampering. It functions as a device integrity checker that scans for management applications and system files indicating root access or unlocked bootloaders. The library employs a variety of detection techniques, including binary-presence scanning for superuser binaries, direct file system probing of restricted directories, and property-based environment validation of kernel flags and build properties. It utilizes a Java-native interface bridge to execute low-level - [flet-dev/flet](https://awesome-repositories.com/repository/flet-dev-flet.md) (15,611 ⭐) — Flet is a cross-platform framework that enables developers to build interactive desktop, mobile, and web applications using only Python. By utilizing a declarative programming model, it allows for the construction of complex user interfaces through a hierarchical structure of components, removing the need for specialized knowledge of web-specific languages like HTML, CSS, or JavaScript. The framework distinguishes itself by offloading visual rendering to a high-performance graphics engine while maintaining application logic within a centralized server-side environment. This architecture synch - [ros-mobile/ros-mobile-android](https://awesome-repositories.com/repository/ros-mobile-ros-mobile-android.md) (538 ⭐) — Visualization and controlling application for Android - [bagisto/opensource-ecommerce-mobile-app](https://awesome-repositories.com/repository/bagisto-opensource-ecommerce-mobile-app.md) (14,154 ⭐) — This project is a cross-platform mobile framework designed for building native e-commerce applications. It provides a comprehensive foundation for multi-vendor marketplaces and business-to-business procurement platforms, enabling the development of mobile storefronts that synchronize inventory, orders, and customer data with backend services in real-time. The platform is distinguished by its multi-tenant architecture, which allows a single infrastructure to host multiple independent merchant storefronts while maintaining isolated product catalogs and administrative settings. It supports compl - [reverseclabs/drozer](https://awesome-repositories.com/repository/reverseclabs-drozer.md) (4,542 ⭐) — Drozer is a security testing framework for Android applications that operates through an agent-based remote execution model. It combines a client-server command routing system with a device-side agent, enabling security assessments by mapping inter-process communication (IPC) attack surfaces and running dynamic exploit modules directly on Android devices. The framework distinguishes itself through its ability to discover and enumerate exported Android components by analyzing manifest data and crafting Intents to probe for vulnerabilities. It supports content provider query injection to detect - [googlechrome/lighthouse](https://awesome-repositories.com/repository/googlechrome-lighthouse.md) (30,355 ⭐) — Lighthouse is an automated diagnostic tool that evaluates web pages against industry standards for performance, accessibility, and search engine optimization. It functions as a programmatic analysis engine and a command-line utility, allowing developers to integrate comprehensive web quality checks directly into continuous integration pipelines and local development workflows. The project distinguishes itself through a modular architecture that utilizes artifact-based data collection to ensure consistent analysis across different environments. It supports a headless execution mode for automat - [tbruyelle/rxpermissions](https://awesome-repositories.com/repository/tbruyelle-rxpermissions.md) (10,416 ⭐) — RxPermissions is a reactive permissions library for Android that manages runtime system permissions using RxJava observables. It serves as a wrapper for the Android runtime permission manager, converting asynchronous system requests and their results into a unified reactive stream. The library eliminates the need for fragmented callback methods by using a hidden fragment to intercept permission request results. This allows the request and the resulting outcome to remain within a single logic flow, avoiding boilerplate callbacks in the activity. The system supports requesting multiple permiss - [jverkoey/ios-framework](https://awesome-repositories.com/repository/jverkoey-ios-framework.md) (2,594 ⭐) — How to create, develop, and distribute iOS Static Frameworks quickly and efficiently - [z4nzu/hackingtool](https://awesome-repositories.com/repository/z4nzu-hackingtool.md) (77,515 ⭐) — This project is a comprehensive cybersecurity tool collection designed to support security research, penetration testing, and vulnerability assessment. It functions as a unified penetration testing suite, providing a centralized environment where professionals can access a wide range of offensive security utilities to identify system weaknesses and study attack vectors. The platform distinguishes itself through a modular architecture that aggregates disparate security scripts into a single, hierarchical command-line interface. It simplifies the management of these utilities by integrating ext - [expo/expo](https://awesome-repositories.com/repository/expo-expo.md) (50,111 ⭐) — Expo is a universal mobile framework designed to build native iOS and Android applications from a single codebase using web-standard technologies. It provides a comprehensive development environment that includes a unified runtime for testing, cloud-based infrastructure for compiling and signing native binaries, and automated tools for managing the entire mobile release lifecycle, including app store submission. The framework distinguishes itself through a plugin-based native configuration engine that programmatically modifies project files, allowing developers to integrate native modules wit - [flutter/flutter](https://awesome-repositories.com/repository/flutter-flutter.md) (177,056 ⭐) — This project is a multi-platform UI framework designed for building applications that target mobile, web, and desktop environments from a single codebase. It utilizes a declarative paradigm where the user interface is defined as a function of application state, supported by a layered architecture that includes a high-performance rendering engine and a multi-platform compilation model. The framework provides a comprehensive suite of developer tools, including hot reloading for real-time code injection and diagnostic utilities for monitoring application state and performance. It features a modu - [mvt-project/mvt](https://awesome-repositories.com/repository/mvt-project-mvt.md) (12,481 ⭐) — This project is a command-line forensic toolkit designed for the investigation and security auditing of mobile devices. It provides a framework for collecting system logs, application data, and forensic artifacts to identify potential security breaches, unauthorized access, or evidence of malicious activity. The utility employs a modular extraction architecture that parses diverse file formats and system logs into a standardized, normalized data structure. By utilizing this unified format, the tool performs both heuristic analysis of system metadata and pattern matching against structured thr - [mokkapps/rebelgamer-mobile-app](https://awesome-repositories.com/repository/mokkapps-rebelgamer-mobile-app.md) (37 ⭐) — Mobile app for the gaming blog www.rebelgamer.de - [saucelabs/sample-app-mobile](https://awesome-repositories.com/repository/saucelabs-sample-app-mobile.md) (100 ⭐) — In this repository you will find our Sauce Labs sample-app. You can use it as a sample app for testautomation on your local machine or in our Real Device Cloud. The latest version of the iOS and Android app can be found here.\ There are several user accounts for this app that will trigger… - [sensepost/objection](https://awesome-repositories.com/repository/sensepost-objection.md) (8,896 ⭐) — Objection is a dynamic instrumentation framework and runtime exploration toolkit for mobile application security analysis. It provides a command-line interface to interact with the memory and state of iOS and Android applications during active execution, serving as a toolkit for runtime analysis and security testing. The project distinguishes itself by providing specialized capabilities to bypass common mobile security controls, including SSL pinning, biometric authentication, and root or jailbreak detection. It enables the extraction of sensitive credentials and data from secure storage syst - [flipperdevices/flipperzero-firmware](https://awesome-repositories.com/repository/flipperdevices-flipperzero-firmware.md) (15,563 ⭐) — This project provides an open-source firmware platform and complete build environment for portable multi-tool hardware. It functions as an embedded operating system designed to manage radio, infrared, and physical interface components, enabling users to develop custom applications and system logic for specialized hardware devices. The firmware distinguishes itself through a modular architecture that organizes system functionality into isolated units, allowing for the development of custom user interfaces and logic. It includes a comprehensive collection of low-level drivers and applications s - [circuitverse/mobile-app](https://awesome-repositories.com/repository/circuitverse-mobile-app.md) (92 ⭐) — CircuitVerse for mobile is a cross platform application built in flutter using CircuitVerse API. - [owasp/owasp-mstg](https://awesome-repositories.com/repository/owasp-owasp-mstg.md) (12,973 ⭐) — The Mobile Application Security Testing Guide is a comprehensive manual and compliance framework for verifying the security of mobile applications. It provides a standardized reference for identifying and validating common software security weaknesses and performing reverse engineering based on industry standards. The project provides a structured set of technical processes and checklists used to audit applications against established security weakness enumerations. It encompasses guidance for analyzing application binaries and runtime behavior to identify hidden functionality and security ga - [avelino/awesome-go](https://awesome-repositories.com/repository/avelino-awesome-go.md) (175,576 ⭐) — This project serves as a comprehensive language ecosystem index, functioning as a centralized, community-curated directory for the Go programming language. It organizes a vast landscape of software components, libraries, and development tools into a structured, navigable hierarchy, enabling developers to efficiently discover resources tailored to specific functional domains. The repository distinguishes itself through a decentralized contribution model, where community-driven updates ensure the index remains current with the rapidly evolving software landscape. Beyond simple resource listing, - [au-covidsafe/mobile-ios](https://awesome-repositories.com/repository/au-covidsafe-mobile-ios.md) (274 ⭐) — COVIDSafe IOS app - [dioxuslabs/dioxus](https://awesome-repositories.com/repository/dioxuslabs-dioxus.md) (36,400 ⭐) — Dioxus is a cross-platform development framework designed for building native desktop, mobile, and web applications from a single codebase. It utilizes a declarative component model and macro-powered syntax to define reusable interface elements, which are then rendered as native widgets or web elements. At its core, the framework employs a signal-based reactivity system that tracks state dependencies to trigger granular updates, ensuring efficient interface performance without re-rendering the entire application tree. The framework distinguishes itself through a unified full-stack runtime tha - [skylot/jadx](https://awesome-repositories.com/repository/skylot-jadx.md) (49,088 ⭐) — Jadx is a comprehensive Java decompilation suite designed to transform compiled binary application files into readable source code. It functions as a static analysis workbench, providing a graphical interface for navigating, searching, and inspecting the internal logic of complex software packages. By utilizing a bytecode-to-Java pipeline, the project reconstructs high-level logical structures from low-level binary instructions, making it a primary tool for Android application reverse engineering. The project distinguishes itself through a sophisticated control flow reconstruction engine and - [mobile-iot-security-lab/armandroid](https://awesome-repositories.com/repository/mobile-iot-security-lab-armandroid.md) (16 ⭐) — ARMANDroid - anti-repackaging tool for Android apps - [c0re100/qbittorrent-enhanced-edition](https://awesome-repositories.com/repository/c0re100-qbittorrent-enhanced-edition.md) (25,128 ⭐) — qBittorrent-Enhanced-Edition is a cross-platform desktop application designed to manage the downloading and uploading of files across peer-to-peer networks. It functions as an open-source file sharer, facilitating the decentralized distribution of digital content by breaking files into smaller pieces for efficient transfer. The application utilizes a high-performance library to handle complex protocol specifications and employs a mature widget toolkit to provide a consistent native user interface across Windows, macOS, and Linux. It operates as a network traffic manager, incorporating asynchr - [owncloud/ios-app](https://awesome-repositories.com/repository/owncloud-ios-app.md) (248 ⭐) — 📱The all-new iOS app for ownCloud - [samsesh/socialbox-termux](https://awesome-repositories.com/repository/samsesh-socialbox-termux.md) (4,145 ⭐) — SocialBox-Termux is a credential bruteforce suite and security tool collection designed to run within the Termux Android environment. It functions as an automated account cracker used to test password lists against usernames to discover valid login credentials for social media and email platforms. The toolkit incorporates network traffic masking by routing requests through the Tor network to conceal the origin IP address. It utilizes signature-based rate bypass to mimic legitimate client traffic and avoid automated login blocks. The suite provides capabilities for account validation to verif - [owasp/mastg](https://awesome-repositories.com/repository/owasp-mastg.md) (12,985 ⭐) — The Mobile Application Security Testing Guide is a comprehensive framework and technical resource designed for the assessment of mobile software security. It provides a structured collection of requirements and methodologies to identify vulnerabilities and security flaws in mobile applications prior to their deployment. The project distinguishes itself by integrating reverse engineering techniques with standardized testing procedures to evaluate application logic and binary structures. It supports both Android and iOS platforms, utilizing threat-model-driven methodologies to ensure that secur - [android/ndk-samples](https://awesome-repositories.com/repository/android-ndk-samples.md) (10,513 ⭐) — The Android NDK samples provide a comprehensive collection of code examples demonstrating how to integrate C and C++ native code into Android applications. This repository serves as a practical guide for developers utilizing the Android Native Development Kit to implement performance-critical application components that require direct hardware access and low-level system interaction. The project highlights the use of the Java Native Interface to bridge managed code with native modules, enabling cross-language function calls and efficient data exchange. It demonstrates how to manage native act - [mozilla-mobile/focus-ios](https://awesome-repositories.com/repository/mozilla-mobile-focus-ios.md) (1,250 ⭐) — ⚠️ Firefox Focus (iOS) has moved to a new repository. It is now developed and maintained as part of: https://github.com/mozilla-mobile/firefox-ios - [revanced/revanced-manager](https://awesome-repositories.com/repository/revanced-revanced-manager.md) (25,932 ⭐) — ReVanced Manager is an Android application patcher designed to modify compiled mobile binaries. It enables users to inject custom features, alter runtime behavior, and remove interface elements without requiring access to original source code. The utility distinguishes itself by performing all operations locally on the user device, ensuring privacy by avoiding external server dependencies. It automates the entire modification lifecycle, including the retrieval of application files, the application of bytecode-level patches, and the generation of new cryptographic signatures to ensure the resu - [airbnb/lottie-android](https://awesome-repositories.com/repository/airbnb-lottie-android.md) (35,614 ⭐) — Lottie-android is a native vector animation engine and library for Android that parses JSON specification files into high-fidelity animations. It functions as a JSON animation parser and renderer, translating After Effects exported data into native draw calls to maintain design fidelity on mobile devices. The library supports dynamic user interface control by allowing the modification of animation properties, such as colors, text, and shape attributes, during runtime playback. It also integrates with system-level accessibility settings to adjust playback and visibility in accordance with redu - [wordpress-mobile/android-passcodelock](https://awesome-repositories.com/repository/wordpress-mobile-android-passcodelock.md) (348 ⭐) — Android Library that provides passcode lock to your app - [hashicorp/terraform](https://awesome-repositories.com/repository/hashicorp-terraform.md) (48,720 ⭐) — Terraform is a declarative infrastructure-as-code tool designed to manage the lifecycle of cloud and on-premises resources. It functions as a workflow engine that reconciles a defined desired state against real-world infrastructure, using a persistent state-tracking layer to maintain consistency and visibility across distributed environments. By mapping infrastructure components into a directed acyclic graph, the system calculates the optimal order for provisioning, updating, or destroying resources. The platform is distinguished by its extensible plugin-based architecture, which decouples co - [ivpn/android-app](https://awesome-repositories.com/repository/ivpn-android-app.md) (466 ⭐) — IVPN for Android is a native app built using Java and Kotlin languages. Some of the features include: multiple protocols (OpenVPN, WireGuard), Kill-switch, Multi-Hop, Trusted Networks, AntiTracker, Custom DNS, Always-on VPN, Start on boot and etc. IVPN Android app is distributed on the Google… - [alibaba/freeline](https://awesome-repositories.com/repository/alibaba-freeline.md) (5,463 ⭐) — Freeline is a mobile application update framework and bytecode hot-swap engine designed to deliver incremental binary updates to devices. It functions as a binary diff patching tool and a mobile over-the-air patching framework that allows for the delivery of small update packages to fix bugs and replace resources without requiring a full application reinstall. The system distinguishes itself through its ability to perform dynamic code swapping and native library updating. It replaces shared object binaries and code segments in a running process via socket servers, enabling logic updates and h - [fyne-io/fyne](https://awesome-repositories.com/repository/fyne-io-fyne.md) (27,941 ⭐) — Fyne is a cross-platform graphical user interface toolkit for the Go programming language. It provides a comprehensive framework for building native applications that run on desktop, mobile, and web environments from a single codebase. The toolkit centers on a canvas-based rendering engine and a device-independent layout engine, ensuring that visual elements maintain consistent dimensions and behavior across diverse operating systems and screen densities. The project distinguishes itself through a reactive data-binding system that automatically synchronizes application state with interface co - [mozilla-mobile/firefox-ios](https://awesome-repositories.com/repository/mozilla-mobile-firefox-ios.md) (12,973 ⭐) — Firefox iOS is a mobile web browser for iOS devices that uses the WebKit engine to render web content and provide navigation and search capabilities. It is a cross-platform browser implementation that adapts core browsing technologies and user interfaces for the Apple mobile operating system. The project includes a specialized build pipeline for automating the compilation, linting, and testing of the application. This system manages remote asset syncing for brand iconography and enforces coding standards through static analysis quality gates. The browser supports the injection of user script - [badges/shields](https://awesome-repositories.com/repository/badges-shields.md) (26,811 ⭐) — Shields is a dynamic badge generator that creates visual status indicators for software projects by fetching live data from external APIs. It functions as a programmatic image renderer, converting structured data parameters into consistent, high-contrast vector graphics that can be embedded directly into markdown and web documentation via URL parameters. The project distinguishes itself by offering a self-hosted metadata server, allowing users to deploy the service behind their own firewalls to maintain full control over infrastructure and data privacy. It supports extensive customization, in - [doridori/android-security-reference](https://awesome-repositories.com/repository/doridori-android-security-reference.md) (990 ⭐) — A W.I.P Android Security Ref