├── android-burp-cert.sh
├── README.md
└── .gitmodules


/android-burp-cert.sh:
--------------------------------------------------------------------------------
 1 | # https://securitychops.com/2019/08/31/dev/random/one-liner-to-install-burp-cacert-into-android.html
 2 | #
 3 | curl --proxy http://127.0.0.1:8080 -o cacert.der http://burp/cert  \
 4 | && openssl x509 -inform DER -in cacert.der -out cacert.pem \
 5 | && cp cacert.der $(openssl x509 -inform PEM -subject_hash_old -in cacert.pem |head -1).0 \
 6 | && adb root \
 7 | && adb remount \
 8 | && adb push $(openssl x509 -inform PEM -subject_hash_old -in cacert.pem |head -1).0 /sdcard/ \
 9 | && echo -n "mv /sdcard/$(openssl x509 -inform PEM -subject_hash_old -in cacert.pem |head -1).0 /system/etc/security/cacerts/" | adb shell \
10 | && echo -n "chmod 644 /system/etc/security/cacerts/$(openssl x509 -inform PEM -subject_hash_old -in cacert.pem |head -1).0" | adb shell \
11 | && echo -n "reboot" | adb shell \
12 | && rm $(openssl x509 -inform PEM -subject_hash_old -in cacert.pem |head -1).0 \
13 | && rm cacert.pem \
14 | && rm cacert.der


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
 1 | # Android arsenal
 2 | 
 3 | Tools and scripts dedicated to Android application security
 4 | 
 5 | ## Mobile security framework
 6 | 
 7 | https://github.com/MobSF/Mobile-Security-Framework-MobSF/
 8 | 
 9 | https://github.com/m0bilesecurity/RMS-Runtime-Mobile-Security/
10 | 
11 | https://github.com/dpnishant/appmon
12 | 
13 | https://github.com/nccgroup/house
14 | 
15 | https://github.com/xtiankisutsa/MARA_Framework/
16 | 
17 | 
18 | ## VM for android reversing
19 | 
20 | https://tools.androidtamer.com/#installation
21 | 
22 | https://androidtamer.com/tamer4-release
23 | 
24 | https://github.com/sh4hin/Androl4b
25 | 
26 | 
27 | ## VSCode addons
28 | 
29 | https://marketplace.visualstudio.com/items?itemName=Surendrajat.apklab
30 | 
31 | https://marketplace.visualstudio.com/items?itemName=tintinweb.vscode-decompiler
32 | 
33 | https://github.com/Surendrajat/APKLab
34 | 
35 | https://github.com/jiusanzhou/apkman
36 | 
37 | https://github.com/dwisiswant0/apkleaks
38 | 


--------------------------------------------------------------------------------
/.gitmodules:
--------------------------------------------------------------------------------
  1 | [submodule "REK"]
  2 | 	path = REK
  3 | 	url = https://github.com/jcodeing/REK
  4 | [submodule "droidReverse"]
  5 | 	path = droidReverse
  6 | 	url = https://github.com/Juude/droidReverse
  7 | [submodule "jeb"]
  8 | 	path = jeb
  9 | 	url = https://github.com/totopamimi/jeb
 10 | [submodule "misc-code"]
 11 | 	path = misc-code
 12 | 	url = https://github.com/cryptax/misc-code
 13 | [submodule "decompile"]
 14 | 	path = decompile
 15 | 	url = https://github.com/aiyhome/decompile
 16 | [submodule "JEB_KeyGen"]
 17 | 	path = JEB_KeyGen
 18 | 	url = https://github.com/ghluzhiyuan/JEB_KeyGen
 19 | [submodule "AndFix"]
 20 | 	path = AndFix
 21 | 	url = https://github.com/aiyhome/AndFix
 22 | [submodule "drozer"]
 23 | 	path = drozer
 24 | 	url = https://github.com/mwrlabs/drozer/
 25 | [submodule "simplify"]
 26 | 	path = simplify
 27 | 	url = https://github.com/CalebFenton/simplify
 28 | [submodule "GDA-android-reversing-Tool"]
 29 | 	path = GDA-android-reversing-Tool
 30 | 	url = https://github.com/charles2gan/GDA-android-reversing-Tool
 31 | [submodule "gcmreverse"]
 32 | 	path = gcmreverse
 33 | 	url = https://github.com/nborrmann/gcmreverse
 34 | [submodule "ClassNameDeobfuscator"]
 35 | 	path = ClassNameDeobfuscator
 36 | 	url = https://github.com/HamiltonianCycle/ClassNameDeobfuscator
 37 | [submodule "frida-android-hooks"]
 38 | 	path = frida-android-hooks
 39 | 	url = https://github.com/antojoseph/frida-android-hooks
 40 | [submodule "python_adb_tool"]
 41 | 	path = python_adb_tool
 42 | 	url = https://github.com/Skiftestqa/python_adb_tool
 43 | [submodule "Jeb"]
 44 | 	path = Jeb
 45 | 	url = https://github.com/dreamcxy/Jeb
 46 | [submodule "Adhrit"]
 47 | 	path = Adhrit
 48 | 	url = https://github.com/abhi-r3v0/Adhrit
 49 | [submodule "ApkSmaliJebTools"]
 50 | 	path = ApkSmaliJebTools
 51 | 	url = https://github.com/isaacselement/ApkSmaliJebTools
 52 | [submodule "APKiD"]
 53 | 	path = APKiD
 54 | 	url = https://github.com/rednaga/APKiD
 55 | [submodule "dex-oracle"]
 56 | 	path = dex-oracle
 57 | 	url = https://github.com/CalebFenton/dex-oracle
 58 | [submodule "apkfile"]
 59 | 	path = apkfile
 60 | 	url = https://github.com/CalebFenton/apkfile
 61 | [submodule "PlaystoreDownloader"]
 62 | 	path = PlaystoreDownloader
 63 | 	url = https://github.com/ClaudiuGeorgiu/PlaystoreDownloader
 64 | [submodule "gplaydl"]
 65 | 	path = gplaydl
 66 | 	url = https://github.com/rehmatworks/gplaydl
 67 | [submodule "google-play-downloader"]
 68 | 	path = google-play-downloader
 69 | 	url = https://github.com/bluemutedwisdom/google-play-downloader
 70 | [submodule "googleplay-api"]
 71 | 	path = googleplay-api
 72 | 	url = https://github.com/NoMore201/googleplay-api
 73 | [submodule "apkx"]
 74 | 	path = apkx
 75 | 	url = https://github.com/b-mueller/apkx
 76 | [submodule "AndRoversing"]
 77 | 	path = AndRoversing
 78 | 	url = https://github.com/nikita2424/AndRoversing
 79 | [submodule "nathan"]
 80 | 	path = nathan
 81 | 	url = https://github.com/mseclab/nathan
 82 | [submodule "Marvin-dynamic-Analyzer"]
 83 | 	path = Marvin-dynamic-Analyzer
 84 | 	url = https://github.com/programa-stic/Marvin-dynamic-Analyzer
 85 | [submodule "NinjaDroid"]
 86 | 	path = NinjaDroid
 87 | 	url = https://github.com/rovellipaolo/NinjaDroid
 88 | [submodule "android-scripts"]
 89 | 	path = android-scripts
 90 | 	url = https://github.com/strazzere/android-scripts
 91 | [submodule "androguard"]
 92 | 	path = androguard
 93 | 	url = https://github.com/androguard/androguard
 94 | [submodule "ReverseAPK"]
 95 | 	path = ReverseAPK
 96 | 	url = https://github.com/1N3/ReverseAPK
 97 | [submodule "Apktool"]
 98 | 	path = Apktool
 99 | 	url = https://github.com/iBotPeaches/Apktool
100 | [submodule "FridaAndroidTracer"]
101 | 	path = FridaAndroidTracer
102 | 	url = https://github.com/iGio90/FridaAndroidTracer
103 | [submodule "Frida-Android-Scripts"]
104 | 	path = Frida-Android-Scripts
105 | 	url = https://github.com/thecjw/Frida-Android-Scripts
106 | [submodule "Frida_Android_Hook"]
107 | 	path = Frida_Android_Hook
108 | 	url = https://github.com/sepyeight/Frida_Android_Hook
109 | [submodule "frida-android-examples"]
110 | 	path = frida-android-examples
111 | 	url = https://github.com/11x256/frida-android-examples
112 | [submodule "analyzecrypt.py"]
113 | 	path = analyzecrypt.py
114 | 	url = https://github.com/ylikx/analyzecrypt.py
115 | [submodule "Frida-Android-Hooks"]
116 | 	path = Frida-Android-Hooks
117 | 	url = https://github.com/sixnative/Frida-Android-Hooks
118 | [submodule "frida-android-vul-detect"]
119 | 	path = frida-android-vul-detect
120 | 	url = https://github.com/Eacials/frida-android-vul-detect
121 | [submodule "AndroidNativeEmu"]
122 | 	path = AndroidNativeEmu
123 | 	url = https://github.com/AeonLucid/AndroidNativeEmu
124 | [submodule "PyADB"]
125 | 	path = PyADB
126 | 	url = https://github.com/theriley106/PyADB
127 | [submodule "haem"]
128 | 	path = haem
129 | 	url = https://github.com/appetizerio/haem
130 | [submodule "android_emulator_helper"]
131 | 	path = android_emulator_helper
132 | 	url = https://github.com/oleg79/android_emulator_helper
133 | [submodule "android-emulator-docker"]
134 | 	path = android-emulator-docker
135 | 	url = https://github.com/upday/android-emulator-docker
136 | [submodule "pyavd"]
137 | 	path = pyavd
138 | 	url = https://github.com/SaneBow/pyavd
139 | [submodule "ARES"]
140 | 	path = ARES
141 | 	url = https://github.com/DarioI/ARES
142 | [submodule "DroXES"]
143 | 	path = DroXES
144 | 	url = https://github.com/abhi-r3v0/DroXES
145 | [submodule "alfred-android-emulator"]
146 | 	path = alfred-android-emulator
147 | 	url = https://github.com/nassendelft/alfred-android-emulator
148 | [submodule "gnirehtet"]
149 | 	path = gnirehtet
150 | 	url = https://github.com/Genymobile/gnirehtet
151 | [submodule "mobile-re"]
152 | 	path = mobile-re
153 | 	url = https://github.com/QKaiser/mobile-re
154 | [submodule "ares2"]
155 | 	path = ares2
156 | 	url = https://github.com/DarioI/ares2
157 | [submodule "andreth"]
158 | 	path = andreth
159 | 	url = https://github.com/0x64746b/andreth
160 | [submodule "lobotomy"]
161 | 	path = lobotomy
162 | 	url = https://github.com/AndroidSecurityTools/lobotomy
163 | [submodule "MARA_Framework"]
164 | 	path = MARA_Framework
165 | 	url = https://github.com/xtiankisutsa/MARA_Framework
166 | [submodule "SimpleRT"]
167 | 	path = SimpleRT
168 | 	url = https://github.com/vvviperrr/SimpleRT
169 | [submodule "engine"]
170 | 	path = engine
171 | 	url = https://github.com/droidefense/engine
172 | [submodule "androidre"]
173 | 	path = androidre
174 | 	url = https://github.com/cryptax/androidre
175 | [submodule "virtual-pki-card"]
176 | 	path = virtual-pki-card
177 | 	url = https://github.com/nelenkov/virtual-pki-card
178 | [submodule "android-lkms"]
179 | 	path = android-lkms
180 | 	url = https://github.com/strazzere/android-lkms
181 | [submodule "Xenotix-APK-Reverser"]
182 | 	path = Xenotix-APK-Reverser
183 | 	url = https://github.com/ajinabraham/Xenotix-APK-Reverser
184 | [submodule "android-sectools"]
185 | 	path = android-sectools
186 | 	url = https://github.com/vskram21/android-sectools
187 | [submodule "python_rev_eng"]
188 | 	path = python_rev_eng
189 | 	url = https://github.com/Brainbuggged/python_rev_eng
190 | [submodule "droidcarve"]
191 | 	path = droidcarve
192 | 	url = https://github.com/DarioI/droidcarve
193 | [submodule "SafeDroid-v2.0"]
194 | 	path = SafeDroid-v2.0
195 | 	url = https://github.com/Dubniak/SafeDroid-v2.0
196 | [submodule "apkstudio"]
197 | 	path = apkstudio
198 | 	url = https://github.com/vaibhavpandeyvpz/apkstudio
199 | [submodule "jebscripts"]
200 | 	path = jebscripts
201 | 	url = https://github.com/enovella/jebscripts
202 | [submodule "AppTroller"]
203 | 	path = AppTroller
204 | 	url = https://github.com/jtesta/AppTroller
205 | [submodule "Auditing-Pentesting-Android-Apps"]
206 | 	path = Auditing-Pentesting-Android-Apps
207 | 	url = https://github.com/chmodxx/Auditing-Pentesting-Android-Apps
208 | [submodule "android-unpacker"]
209 | 	path = android-unpacker
210 | 	url = https://github.com/strazzere/android-unpacker
211 | [submodule "Androl4b"]
212 | 	path = Androl4b
213 | 	url = https://github.com/sh4hin/Androl4b
214 | [submodule "AndroidToolBox"]
215 | 	path = AndroidToolBox
216 | 	url = https://github.com/BackTrackCRoot/AndroidToolBox
217 | [submodule "house"]
218 | 	path = house
219 | 	url = https://github.com/nccgroup/house
220 | [submodule "Recaf"]
221 | 	path = Recaf
222 | 	url = https://github.com/Col-E/Recaf
223 | [submodule "pbtk"]
224 | 	path = pbtk
225 | 	url = https://github.com/marin-m/pbtk
226 | [submodule "fernflower"]
227 | 	path = fernflower
228 | 	url = https://github.com/fesh0r/fernflower
229 | [submodule "smalisca"]
230 | 	path = smalisca
231 | 	url = https://github.com/dorneanu/smalisca
232 | [submodule "android-reversing-challenges"]
233 | 	path = android-reversing-challenges
234 | 	url = https://github.com/kiyadesu/android-reversing-challenges
235 | [submodule "android-decompiler"]
236 | 	path = android-decompiler
237 | 	url = https://github.com/nextco/android-decompiler
238 | [submodule "APKStat"]
239 | 	path = APKStat
240 | 	url = https://github.com/hexabin/APKStat
241 | [submodule "dexterous"]
242 | 	path = dexterous
243 | 	url = https://github.com/Project-ARTist/dexterous
244 | [submodule "DynamicLoadClass"]
245 | 	path = DynamicLoadClass
246 | 	url = https://github.com/stven0king/DynamicLoadClass
247 | [submodule "Dex65536"]
248 | 	path = Dex65536
249 | 	url = https://github.com/mmin18/Dex65536
250 | [submodule "vdexExtractor"]
251 | 	path = vdexExtractor
252 | 	url = https://github.com/anestisb/vdexExtractor
253 | [submodule "intellij-java2smali"]
254 | 	path = intellij-java2smali
255 | 	url = https://github.com/ollide/intellij-java2smali
256 | [submodule "redexer"]
257 | 	path = redexer
258 | 	url = https://github.com/plum-umd/redexer
259 | [submodule "dex-test-parser"]
260 | 	path = dex-test-parser
261 | 	url = https://github.com/linkedin/dex-test-parser
262 | [submodule "SimpleSmali"]
263 | 	path = SimpleSmali
264 | 	url = https://github.com/dodola/SimpleSmali
265 | [submodule "ClassLoader"]
266 | 	path = ClassLoader
267 | 	url = https://github.com/Catherine22/ClassLoader
268 | [submodule "androidDump"]
269 | 	path = androidDump
270 | 	url = https://github.com/CyberSaxosTiGER/androidDump
271 | [submodule "dexsim"]
272 | 	path = dexsim
273 | 	url = https://github.com/mikusjelly/dexsim
274 | [submodule "Android-Crack-Tool"]
275 | 	path = Android-Crack-Tool
276 | 	url = https://github.com/Jermic/Android-Crack-Tool
277 | [submodule "android-classyshark"]
278 | 	path = android-classyshark
279 | 	url = https://github.com/google/android-classyshark
280 | [submodule "r8"]
281 | 	path = r8
282 | 	url = https://github.com/demon-xxi/r8
283 | [submodule "redex"]
284 | 	path = redex
285 | 	url = https://github.com/facebook/redex
286 | [submodule "saam"]
287 | 	path = saam
288 | 	url = https://github.com/mikusjelly/saam
289 | [submodule "apktool"]
290 | 	path = apktool
291 | 	url = https://bitbucket.org/iBotPeaches/apktool/
292 | [submodule "ApkPure"]
293 | 	path = ApkPure
294 | 	url = https://github.com/dyseo/ApkPure
295 | [submodule "uber-apk-signer"]
296 | 	path = uber-apk-signer
297 | 	url = https://github.com/patrickfav/uber-apk-signer
298 | [submodule "apk-mitm"]
299 | 	path = apk-mitm
300 | 	url = https://github.com/shroudedcode/apk-mitm
301 | [submodule "Andromeda"]
302 | 	path = Andromeda
303 | 	url = https://github.com/secrary/Andromeda
304 | [submodule "dexcalibur"]
305 | 	path = dexcalibur
306 | 	url = https://github.com/FrenchYeti/dexcalibur
307 | [submodule "jnitrace"]
308 | 	path = jnitrace
309 | 	url = https://github.com/chame1eon/jnitrace
310 | [submodule "apbf"]
311 | 	path = apbf
312 | 	url = https://github.com/timvisee/apbf
313 | [submodule "super"]
314 | 	path = super
315 | 	url = https://github.com/SUPERAndroidAnalyzer/super
316 | [submodule "BootStomp"]
317 | 	path = BootStomp
318 | 	url = https://github.com/ucsb-seclab/BootStomp
319 | [submodule "Brida"]
320 | 	path = Brida
321 | 	url = https://github.com/federicodotta/Brida
322 | [submodule "magisk-frida"]
323 | 	path = magisk-frida
324 | 	url = https://github.com/ViRb3/magisk-frida
325 | [submodule "frida"]
326 | 	path = frida
327 | 	url = https://github.com/frida/frida
328 | [submodule "FridaLoader"]
329 | 	path = FridaLoader
330 | 	url = https://github.com/dineshshetty/FridaLoader
331 | [submodule "RMS-Runtime-Mobile-Security"]
332 | 	path = RMS-Runtime-Mobile-Security
333 | 	url = https://github.com/m0bilesecurity/RMS-Runtime-Mobile-Security
334 | [submodule "Brida_Custom_Plugs"]
335 | 	path = Brida_Custom_Plugs
336 | 	url = https://github.com/yearnwang/Brida_Custom_Plugs
337 | 


--------------------------------------------------------------------------------