30 open-source projects similar to securing/iossecuritysuite, ranked by how many features they have in common. Compare stars, activity and what each one does to find the best IOSSecuritySuite alternative.
Most usable tools for iOS penetration testing
Steal Net-NTLM Hash using Bad-PDF
Password generator for BIOS
Apkleaks is a static analysis tool and security auditor designed to extract hardcoded secrets, API endpoints, and sensitive data from Android application packages. It operates as a secret scanner that analyzes compiled binaries without executing them to identify potential information leaks and insecure endpoints. The tool utilizes a regex-based data extraction engine to identify sensitive strings within decompiled code. It supports customization through JSON-defined search patterns and provides configuration flags to tune the behavior of the underlying disassembler. The analysis pipeline enc
This project is a comprehensive Android reverse engineering suite that functions as a decompiler, bytecode deobfuscator, and malware analysis tool. It is designed to convert APK, DEX, and OAT binaries into human-readable source code using a native implementation that does not require a Java Virtual Machine. The platform is distinguished by its integration with Frida for dynamic analysis, allowing users to hook methods, inject custom JavaScript, and dump device memory in real time. It also features specialized security engines, including a taint propagation engine and a stack-state machine, to
Easy to use cryptographic framework for data protection: secure messaging with forward secrecy and secure data storage. Has unified APIs across 14 platforms.
Various recipes for testing common scenarios with Cypress
Easy SSL pinning validation and reporting for iOS, macOS, tvOS and watchOS.
快捷运维,代号kjyw,项目基于shell、python,运维脚本工具库,收集各类运维常用工具脚本,实现快速安装nginx、mysql、php、redis、nagios、运维经常使用的脚本等等...
idb is a tool to simplify some common tasks for iOS pentesting and research. Originally there was a command line version of the tool, but it is no longer under development so you should get the GUI version.
A cross-platform java application for decoding, monitoring, recording and streaming trunked mobile and related radio protocols using Software Defined Radios (SDR). Website:
Android Package Inspector - dynamic analysis with api hooks, start unexported activities and more. (Xposed Module)
Fishhook is a binary instrumentation library for iOS and iOS simulators. It functions as a Mach-O symbol rebinder and instrumenter, allowing for the replacement of system library implementations with custom logic at runtime. The project redirects function calls by updating lazy and non-lazy symbol pointers within Mach-O binary data segments. This approach enables the interception and modification of existing function behavior without altering the original binary on disk. The toolset covers binary instrumentation and dynamic hooking for iOS applications, facilitating the monitoring and altera
idb is a suite of tools for controlling and automating iOS simulators and physical devices. It consists of a command line interface, a simulator controller, and a bridge that provides access to internal system interfaces for automating features normally restricted to the graphical user interface. The project includes a remote target manager that enables the control of iOS devices and simulators across different machines or data centers using a companion host process. This system separates the command line interface from the process managing the actual device connection. The toolset provides
A security focused static analysis tool for Android and Java applications.
Easily spoof your MAC address in macOS, Windows, & Linux!
FLEX is an in-app debugging tool and runtime exploration environment for iOS applications. It provides an integrated suite for inspecting and modifying the internal state of a running process without the use of an external debugger. The project includes a runtime inspector for browsing the memory heap and calling methods dynamically, alongside a view hierarchy debugger for visualizing and adjusting layout structures in real time. It features a network traffic monitor to log and analyze HTTP request history, headers, and responses, as well as a sandbox manager for viewing and editing files and
Frida is a dynamic binary instrumentation toolkit that provides a framework for deep process introspection and live application state manipulation. It enables the injection of custom scripts into running processes to trace function calls, modify memory, and analyze application behavior in real-time across diverse operating systems and processor architectures. The project distinguishes itself by embedding a high-performance JavaScript engine directly within the target process, allowing for the execution of user-defined logic for real-time inspection. It utilizes instruction-level hooking to re
Drozer is a security testing framework and runtime analyzer for Android applications and devices. It functions as an exploit management framework and a security toolset used to identify vulnerabilities, misconfigurations, and leaks within the Android operating system and its installed applications. The framework enables the simulation of application behavior and the interaction with communication endpoints to detect security flaws. It manages the execution, analysis, and sharing of public exploits for mobile security research. The system provides capabilities for application auditing, vulner
Needle is an open source, modular framework to streamline the process of conducting security assessments of iOS apps.
ios-webkit-debug-proxy is a command-line proxy that bridges Chrome DevTools to Safari Web Inspector on iOS devices, enabling remote debugging of web content over USB. It translates WebKit remote debugging protocol messages into Chrome DevTools Protocol over persistent WebSocket connections, allowing developers to use Chrome DevTools, Safari Web Inspector, or Firefox DevTools to inspect and debug web content in MobileSafari and UIWebViews on real and simulated iOS devices. The proxy discovers and communicates with iOS devices over USB using the libimobiledevice library without requiring iTunes
A tool to extract local data storage of an Android application in one click.