mirror of
https://github.com/vaib25vicky/awesome-mobile-security.git
synced 2025-01-15 01:27:08 -05:00
Update README.md
This commit is contained in:
Vaibhav
GitHub
parent
f6e9e25232
commit
0835707670
122
README.md
122
README.md
@ -10,38 +10,38 @@
|
|||||||
|
|
||||||
## Android
|
## Android
|
||||||
|
|
||||||
* [General](#general)
|
### General
|
||||||
|
|
||||||
* [An Android Hacking Primer](https://medium.com/swlh/an-android-hacking-primer-3390fef4e6a0)
|
* [An Android Hacking Primer](https://medium.com/swlh/an-android-hacking-primer-3390fef4e6a0)
|
||||||
* [Secure an Android Device](https://source.android.com/security)
|
* [Secure an Android Device](https://source.android.com/security)
|
||||||
* [Security tips](https://developer.android.com/training/articles/security-tips)
|
* [Security tips](https://developer.android.com/training/articles/security-tips)
|
||||||
* [OWASP Mobile Security Testing Guide](https://www.owasp.org/index.php/OWASP_Mobile_Security_Testing_Guide)
|
* [OWASP Mobile Security Testing Guide](https://www.owasp.org/index.php/OWASP_Mobile_Security_Testing_Guide)
|
||||||
* [Security Testing for Android Cross Platform Application](https://3xpl01tc0d3r.blogspot.com/2019/09/security-testing-for-android-app-part1.html)
|
* [Security Testing for Android Cross Platform Application](https://3xpl01tc0d3r.blogspot.com/2019/09/security-testing-for-android-app-part1.html)
|
||||||
* [Dive deep into Android Application Security](https://blog.0daylabs.com/2019/09/18/deep-dive-into-Android-security/)
|
* [Dive deep into Android Application Security](https://blog.0daylabs.com/2019/09/18/deep-dive-into-Android-security/)
|
||||||
* [Pentesting Android Apps Using Frida](https://www.notsosecure.com/pentesting-android-apps-using-frida/)
|
* [Pentesting Android Apps Using Frida](https://www.notsosecure.com/pentesting-android-apps-using-frida/)
|
||||||
* [Mobile Security Testing Guide](https://mobile-security.gitbook.io/mobile-security-testing-guide/)
|
* [Mobile Security Testing Guide](https://mobile-security.gitbook.io/mobile-security-testing-guide/)
|
||||||
* [Mobile Application Penetration Testing Cheat Sheet](https://github.com/sh4hin/MobileApp-Pentest-Cheatsheet)
|
* [Mobile Application Penetration Testing Cheat Sheet](https://github.com/sh4hin/MobileApp-Pentest-Cheatsheet)
|
||||||
* [Android Applications Reversing 101](https://www.evilsocket.net/2017/04/27/Android-Applications-Reversing-101/#.WQND0G3TTOM.reddit)
|
* [Android Applications Reversing 101](https://www.evilsocket.net/2017/04/27/Android-Applications-Reversing-101/#.WQND0G3TTOM.reddit)
|
||||||
* [Android Security Guidelines](https://developer.box.com/en/guides/security/)
|
* [Android Security Guidelines](https://developer.box.com/en/guides/security/)
|
||||||
* [Amandroid – A Static Analysis FrameworkA](http://pag.arguslab.org/argus-saf/)
|
* [Amandroid – A Static Analysis FrameworkA](http://pag.arguslab.org/argus-saf/)
|
||||||
* [Androwarn – Yet Another Static Code Analyzer](https://github.com/maaaaz/androwarn/)
|
* [Androwarn – Yet Another Static Code Analyzer](https://github.com/maaaaz/androwarn/)
|
||||||
* [APK Analyzer – Static and Virtual Analysis Tool](https://github.com/sonyxperiadev/ApkAnalyser)
|
* [APK Analyzer – Static and Virtual Analysis Tool](https://github.com/sonyxperiadev/ApkAnalyser)
|
||||||
* [APK Inspector – A Powerful GUI Tool](https://github.com/honeynet/apkinspector/)
|
* [APK Inspector – A Powerful GUI Tool](https://github.com/honeynet/apkinspector/)
|
||||||
* [Android WebView Vulnerabilities](https://pentestlab.blog/2017/02/12/android-webview-vulnerabilities/)
|
* [Android WebView Vulnerabilities](https://pentestlab.blog/2017/02/12/android-webview-vulnerabilities/)
|
||||||
* [OWASP Mobile Top 10](https://www.owasp.org/index.php/OWASP_Mobile_Top_10)
|
* [OWASP Mobile Top 10](https://www.owasp.org/index.php/OWASP_Mobile_Top_10)
|
||||||
|
|
||||||
* [Books](#books)
|
### Books
|
||||||
|
|
||||||
* [SEI CERT Android Secure Coding Standard](https://www.securecoding.cert.org/confluence/display/android/Android+Secure+Coding+Standard)
|
* [SEI CERT Android Secure Coding Standard](https://www.securecoding.cert.org/confluence/display/android/Android+Secure+Coding+Standard)
|
||||||
* [Android Security Internals](https://www.oreilly.com/library/view/android-security-internals/9781457185496/)
|
* [Android Security Internals](https://www.oreilly.com/library/view/android-security-internals/9781457185496/)
|
||||||
|
|
||||||
* [Courses](#courses)
|
### Courses
|
||||||
|
|
||||||
* [Learning-Android-Security](https://www.lynda.com/Android-tutorials/Learning-Android-Security/689762-2.html)
|
* [Learning-Android-Security](https://www.lynda.com/Android-tutorials/Learning-Android-Security/689762-2.html)
|
||||||
* [Mobile Application Security and Penetration Testing](https://www.elearnsecurity.com/course/mobile_application_security_and_penetration_testing/)
|
* [Mobile Application Security and Penetration Testing](https://www.elearnsecurity.com/course/mobile_application_security_and_penetration_testing/)
|
||||||
|
|
||||||
|
|
||||||
* [Tools](#tools)
|
### Tools
|
||||||
|
|
||||||
* [Static Analysis](#static)
|
* [Static Analysis](#static)
|
||||||
* [Amandroid – A Static Analysis Framework](http://pag.arguslab.org/argus-saf)
|
* [Amandroid – A Static Analysis Framework](http://pag.arguslab.org/argus-saf)
|
||||||
@ -68,7 +68,7 @@
|
|||||||
* [Android Check – Static Code analysis plugin for Android Project](https://github.com/noveogroup/android-check)
|
* [Android Check – Static Code analysis plugin for Android Project](https://github.com/noveogroup/android-check)
|
||||||
* [FindBugs-IDEA Static byte code analysis to look for bugs in Java code](https://plugins.jetbrains.com/plugin/3847-findbugs-idea)
|
* [FindBugs-IDEA Static byte code analysis to look for bugs in Java code](https://plugins.jetbrains.com/plugin/3847-findbugs-idea)
|
||||||
|
|
||||||
* [Dynamic Analysis](#dynamic)
|
* [Dynamic Analysis](#dynamic)
|
||||||
* [Android Hooker - Opensource project for dynamic analyses of Android applications](https://github.com/AndroidHooker/hooker)
|
* [Android Hooker - Opensource project for dynamic analyses of Android applications](https://github.com/AndroidHooker/hooker)
|
||||||
* [AppAudit - Online tool ( including an API) uses dynamic and static analysis](http://appaudit.io/)
|
* [AppAudit - Online tool ( including an API) uses dynamic and static analysis](http://appaudit.io/)
|
||||||
* [AppAudit - A bare-metal analysis tool on Android devices](https://github.com/ucsb-seclab/baredroid)
|
* [AppAudit - A bare-metal analysis tool on Android devices](https://github.com/ucsb-seclab/baredroid)
|
||||||
@ -85,7 +85,7 @@
|
|||||||
* [Mobile-Security-Framework MobSF](https://github.com/MobSF/Mobile-Security-Framework-MobSF)
|
* [Mobile-Security-Framework MobSF](https://github.com/MobSF/Mobile-Security-Framework-MobSF)
|
||||||
* [CobraDroid - Custom build of the Android operating system geared specifically for application security ](https://thecobraden.com/projects/cobradroid/)
|
* [CobraDroid - Custom build of the Android operating system geared specifically for application security ](https://thecobraden.com/projects/cobradroid/)
|
||||||
|
|
||||||
* [Android Online APK Analyzers](#online)
|
* [Android Online APK Analyzers](#online)
|
||||||
* [Android Observatory APK Scan](https://androidobservatory.org/upload)
|
* [Android Observatory APK Scan](https://androidobservatory.org/upload)
|
||||||
* [Android APK Decompiler](http://www.decompileandroid.com/)
|
* [Android APK Decompiler](http://www.decompileandroid.com/)
|
||||||
* [AndroTotal](http://andrototal.org/)
|
* [AndroTotal](http://andrototal.org/)
|
||||||
@ -101,22 +101,62 @@
|
|||||||
* [Visual Threat](http://www.visualthreat.com/UIupload.action)
|
* [Visual Threat](http://www.visualthreat.com/UIupload.action)
|
||||||
* [App Critique](https://appcritique.boozallen.com/)
|
* [App Critique](https://appcritique.boozallen.com/)
|
||||||
|
|
||||||
* [Labs](#labs)
|
### Labs
|
||||||
|
|
||||||
|
|
||||||
* [Misc.](#Misc.)
|
* [DIVA (Damn insecure and vulnerable App)](https://github.com/payatu/diva-android)
|
||||||
|
* [SecurityShepherd](https://github.com/OWASP/SecurityShepherd)
|
||||||
* [Android-Reports-and-Resources](https://github.com/B3nac/Android-Reports-and-Resources/blob/master/README.md)
|
* [Damn Vulnerable Hybrid Mobile App (DVHMA)](https://github.com/logicalhacking/DVHMA)
|
||||||
* [android-security-awesome](https://github.com/ashishb/android-security-awesome)
|
* [OWASP-mstg](https://github.com/OWASP/owasp-mstg/tree/master/Crackmes)
|
||||||
|
* [VulnerableAndroidAppOracle](https://github.com/dan7800/VulnerableAndroidAppOracle)
|
||||||
|
* [Android InsecureBankv2](https://github.com/dineshshetty/Android-InsecureBankv2)
|
||||||
|
* [Purposefully Insecure and Vulnerable Android Application (PIIVA)](https://github.com/htbridge/pivaa)
|
||||||
|
* [Sieve app](https://github.com/mwrlabs/drozer/releases/download/2.3.4/sieve.apk)
|
||||||
|
* [DodoVulnerableBank](https://github.com/CSPF-Founder/DodoVulnerableBank)
|
||||||
|
* [Digitalbank](https://github.com/CyberScions/Digitalbank)
|
||||||
|
* [OWASP GoatDroid](https://github.com/jackMannino/OWASP-GoatDroid-Project)
|
||||||
|
* [AppKnox Vulnerable Application](https://github.com/appknox/vulnerable-application)
|
||||||
|
* [Vulnerable Android Application](https://github.com/Lance0312/VulnApp)
|
||||||
|
* [MoshZuk](https://dl.dropboxusercontent.com/u/37776965/Work/MoshZuk.apk)
|
||||||
|
* [Hackme Bank](http://www.mcafee.com/us/downloads/free-tools/hacme-bank-android.aspx)
|
||||||
|
* [Android Security Labs](https://github.com/SecurityCompass/AndroidLabs)
|
||||||
|
* [Android-InsecureBankv2](https://github.com/dineshshetty/Android-InsecureBankv2)
|
||||||
|
* [Android-security](https://github.com/rafaeltoledo/android-security)
|
||||||
|
|
||||||
|
### Talks
|
||||||
|
|
||||||
|
* [One Step Ahead of Cheaters -- Instrumenting Android Emulators](https://www.youtube.com/watch?v=L3AniAxp_G4)
|
||||||
|
* [Vulnerable Out of the Box: An Evaluation of Android Carrier Devices](https://www.youtube.com/watch?v=R2brQvQeTvM)
|
||||||
|
* [Rock appround the clock: Tracking malware developers by Android](https://www.youtube.com/watch?v=wd5OU9NvxjU)
|
||||||
|
* [Chaosdata - Ghost in the Droid: Possessing Android Applications with ParaSpectre](https://www.youtube.com/watch?v=ohjTWylMGEA)
|
||||||
|
* [Remotely Compromising Android and iOS via a Bug in Broadcom's Wi-Fi Chipsets](https://www.youtube.com/watch?v=TDk2RId8LFo)
|
||||||
|
* [Honey, I Shrunk the Attack Surface – Adventures in Android Security Hardening](https://www.youtube.com/watch?v=EkL1sDMXRVk)
|
||||||
|
* [Hide Android Applications in Images](https://www.youtube.com/watch?v=hajOlvLhYJY)
|
||||||
|
* [Scary Code in the Heart of Android](https://www.youtube.com/watch?v=71YP65UANP0)
|
||||||
|
* [Fuzzing Android: A Recipe For Uncovering Vulnerabilities Inside System Components In Android](https://www.youtube.com/watch?v=q_HibdrbIxo)
|
||||||
|
* [Unpacking the Packed Unpacker: Reverse Engineering an Android Anti-Analysis Native Library](https://www.youtube.com/watch?v=s0Tqi7fuOSU)
|
||||||
|
* [Android FakeID Vulnerability Walkthrough](https://www.youtube.com/watch?v=5eJYCucZ-Tc)
|
||||||
|
* [Unleashing D* on Android Kernel Drivers](https://www.youtube.com/watch?v=1XavjjmfZAY)
|
||||||
|
* [The Smarts Behind Hacking Dumb Devices](https://www.youtube.com/watch?v=yU1BrY1ZB2o)
|
||||||
|
* [Overview of common Android app vulnerabilities](https://www.bugcrowd.com/resources/webinars/overview-of-common-android-app-vulnerabilities/)
|
||||||
|
* [Android Dev Summit 2019](https://developer.android.com/dev-summit)
|
||||||
|
* [Android security architecture](https://www.youtube.com/watch?v=3asW-nBU-JU)
|
||||||
|
|
||||||
|
### Misc.
|
||||||
|
|
||||||
|
* [Android-Reports-and-Resources](https://github.com/B3nac/Android-Reports-and-Resources/blob/master/README.md)
|
||||||
|
* [android-security-awesome](https://github.com/ashishb/android-security-awesome)
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
## IOS
|
## IOS
|
||||||
* [General](#general)
|
### General
|
||||||
* [Articles](#articles)
|
### Tools
|
||||||
* [Books](#books)
|
### Talks
|
||||||
* [Classes](#classes)
|
### Labs
|
||||||
* [Tools]
|
### Courses
|
||||||
|
### Books
|
||||||
|
### Misc.
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user