Bypass SSL certificate pinning for most applications

Quickly analyze and reverse engineer Android packages

Mobile Security Framework is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing framework capable of performing static analysis, dynamic analysis, malware analysis and web API testing.

Instruments to assist in binary application reversing and augmentation, geared towards walled gardens like iOS and macOS

Simple Bash scripts to make easier Android hacking (mobile pentesting).

iOS Frida Scripts

Android app analysis and feature extraction library

Documentation:

Repository with research related to Android

Extract the information needed from the Manifest.plist files to convert it to hashes compatible with hashcat

PoC demonstrating how to perform OAuth Mobile App Impersonation through custom scheme hijacking.

frick - aka the first debugger built on top of frida - is a kick ass frida cli for reverse engineer inspired by the epic GDB init gef by @hugsy.

A pattern based Dalvik deobfuscator which uses limited execution to improve semantic analysis

The iOS Security Testing Framework

Easy SSL pinning validation and reporting for Android.

Android application vulnerability analysis and Android pentest tool

Android Application Identifier for Packers, Protectors, Obfuscators and Oddities - PEiD for Android

A library to use Xposed without root or recovery(or modify system image etc..).

Blackbox tool to disable SSL certificate validation - including certificate pinning - within iOS and OS X Apps