Android Security-analysis Resources

sift A tool to model and analyze the design of systems from java class files. Features CLI tool for building, querying and diff-ing "system models" fr

Document Index 1.overview 2.startup 3.how to write rules 4.how to find compliance problems use appshark 5.a path traversal game 6.argument 7.engine co

APKLab The ultimate Android RE experience right inside your VS Code. APKLab seamlessly integrates the best open-source tools: Quark-Engine, Apktool, J

An Obfuscation-Neglect Android Malware Scoring System Quark-Engine is also bundled with Kali Linux, BlackArch. A trust-worthy, practical tool that's r

Error Prone Error Prone is a static analysis tool for Java that catches common programming mistakes at compile-time. public class ShortSet { public

The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala projects)

FlowDroid Data Flow Analysis Tool This repository hosts the FlowDroid data flow analysis tool. FlowDroid statically computes data flows in Android app

[DEPRECATED] Gradle static analysis plugin ⚠️ A fork of this project is maintained at https://github.com/GradleUp/static-analysis-plugin/ Please migra

PMD - source code analyzer PMD is a source code analyzer. It finds common programming flaws like unused variables, empty catch blocks, unnecessary obj

Using Soot? Let us know about it! We are regularly applying for funding to help us maintain Soot. You can help us immensely by letting us know about p

android-quality-starter setup CheckStyle, FindBugs, PMD and Lint for your Android project easily This project adds gradle setup for quality tools ment

Quick Android Review Kit This tool is designed to look for several security related Android application vulnerabilities, either in source code or pack

Infer Infer is a static analysis tool for Java, C++, Objective-C, and C. Infer is written in OCaml. Installation Read our Getting Started page for det

Android Check Static code analysis plugin for Android project. Usage Modifications in project_dir/build.gradle: buildscript { repositories { jce

APKLeaks Scanning APK file for URIs, endpoints & secrets. Installation from Pypi from Source from Docker Usage Options Output Pattern Pattern Argument

StaCoAn Not maintained anymore! Will be archived soon. StaCoAn is a crossplatform tool which aids developers, bugbounty hunters and ethical hackers pe

Mobile Audit MobileAudit - SAST and Malware Analysis for Android Mobile APKs Components Docker Base images Main features Patterns Integrations Install

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.

Runtime Mobile Security (RMS) 📱 🔥 by @mobilesecurity_ Runtime Mobile Security (RMS), powered by FRIDA, is a powerful web interface that helps you to

___ ___ / | \ ____ __ __ ______ ____ / ~ \/ _ \| | \/ ___// __ \ \ Y ( _ )

objection is a runtime mobile exploration toolkit, powered by Frida, built to help you assess the security posture of your mobile applications, without needing a jailbreak.

drozer ---------------------------------------------------------------- NOTE We would like to formally announce that F-Secure has stopped further deve

Inspeckage - Android Package Inspector Inspeckage is a tool developed to offer dynamic analysis of Android applications. By applying hooks to function

PATDroid PATDroid is a collection of tools and data structures for analyzing Android applications and the system itself. We intend to build it as a co

Radare2: The Libre Unix-Like Reverse Engineering Framework See the Releases page for downloads. The current git master branch is 5.7.7, next will be 5

LabCIF - Forensic Analysis for Mobile Apps Getting Started Android extraction and analysis framework with an integrated Autopsy Module. Dump easily us

This is the first goland plugin for SCA of Go. It focuses on the dependency security of the Go project. It will generate the SCA report for the dependencies with vulnerabilities. For the detailed introduction of this plugin, please refer to this article.

Ead Course Business Project of the ead's microservice group It was created in order to manages courses, lessons and modules from ead system. Technolog

GenPass GenPass is a secure password generating application designed with a high level of security. It uses Java Security library to generate strong p

Mole Analysis Mole Analysis Use Case for HMS ML Kit Custom Model Introduction What is Melanoma? Melanoma is the most serious among skin cancers becaus

An Android app that gives you a password generated by a given phrase with a custom algorithm, it also has password and biometric security.

UTBotJava generates test cases by code, trying to cover maximum statements and execution paths. We treat source code as source of truth assuming that behavior is correct and corresponds to initial user demand. Generated tests are placed in so-called regression suite

ArchGuard backend ArchGuard is a architecture governance tool which can analysis architecture in container, component, code level, database, create ar

Sentry Enforce security policies. Tiny app to enforce security policies of your device. It can: limit the maximum number of failed password attempts d

veyron Covid 19 & Vaccine history representation by country. The app was designe

Downloads • Privacy • Support • License FairEmail Fully featured, open source, privacy oriented email app for Android FairEmail is easy to set up and

Don’t get stung by OWASP An intro into writing code for greater Android Security

Spacebox A basic application demonstrating IPFS for collaborative data analysis, from the perspective of a Data Analysis Provider. Description This pr

Log4Shell detector Yet another log4shell detector, similar to log4jscanner, log4

Accrescent A novel Android app repository with a focus on security, privacy and

SecureBox A concept app that uses Jetpack Security to encrypt user data such as

Physikal Physikal is a Kotlin units of measurement, physical computing, and dimension analysis library. Currently just extensions for Java units of me

SpringBoot-Security-Kotlin 프로젝트 생성시 java 11 , SpringBoot 2.6.2 , jar-gradle 기본환경 mariadb 잘 안됐던 내용 참고 권한 여러개 설정시 interface UserDetails를 implements할때 ge

detekt Meet detekt, a static code analysis tool for the Kotlin programming language. It operates on the abstract syntax tree provided by the Kotlin co

About JHipster is a development platform to quickly generate, develop, and deploy modern web applications and microservice architectures. We support m

palestine_trusted_device Native Device security checks, Rooted/Jailbroken, Not real device, Developer mode is on, On external drive. Part of Palestine

units-of-measure Type-safe dimensional analysis and unit conversion in Kotlin. Project Status Stable and safe for production. Building UOMs for the fi

detekt-hint (Attention: Looking for developers) Detection of design principle violations in Kotlin added as comments on pull requests. Getting started

🧪 This library is experimental! Its API is not stabilized yet, and writing tests is still a bit tedious. Use at your own risk. Looking forward to you

spring-boot-starter-maintenance spring-boot-starter-maintenance is a maintenance mode library for spring boot web and security projects. Download Grad

Tutanota makes encryption easy Tutanota is the secure email service with built-in end-to-end encryption that enables you to communicate securely with

Open source Android, iOS and Web app for learning about and managing digital and physical security. From how to send a secure message to dealing with a kidnap. Umbrella has best practice guides in over 40 topics in multiple languages. Used daily by people working in high risk countries - journalists, activists, diplomats, business travelers etc.

APKLab The ultimate Android RE experience right inside your VS Code. APKLab seamlessly integrates the best open-source tools: Quark-Engine, Apktool, J

Secure REST APIs with Spring ./mvnw RTFM YouTube: Spring Security Patterns YouTube: Spring Security 5.5 From Taxi to Takeoff Official Apache Maven doc

Bundel is a digital wellbeing Android app, helping you to focus by grouping up notifications and only releasing them in batches, at set times. This minimises context switching and improves productivity, while decreasing the impulse to continuously check your phone.

Use Contrast Scan to analyze your code This github action will enable you to use Contrast Scan to detect vulnerabilities in your code. This action can

🛡️ Android security app using Hilt, Animations, Coroutines, Material, StateFlow, Jetpack (Room, ViewModel, Paging, Security, Biometrics, Start-up) based on MVVM architecture.

AndroidLogger Android Library that makes debugging, log collection, filtering and analysis easier. Contains 2 modules: Logger: 'com.github.ShiftHackZ.

slack-lints This repository contains a collection of custom Android/Kotlin lint checks we use in our Android and Kotlin code bases at Slack. This repo

Analysis.Paralysis Simple Application that helps individuals prioritize by directly comparing items in a list and ranking their importance to them. Cu

fingerprint android Lightweight library for device identification and fingerprinting. Fully written in Kotlin. 100% Crash-free. Creates a device ident

EvadeMe An Android library for heuristics evasion that prevents your code from being tested. User Instructions Add the maven repository to your projec

IntelliJ Crev Cargo crates review support using cargo-crev Installation Using IDE built-in plugin system: Settings/Preferences Plugins Marketplace

A program analysis tool to find cryptographic misuse in Java and Android.

This Gradle plugin can be used to continuously integrate app scanning using AppSweep into your Android app build process

Maintained by SEA team, ThoughtWorks Inc. Read this in other languages: English, 简体中文 Table of Contents About the Project Usage How to Compute Contrib

Bundel is a digital wellbeing Android app, helping you to focus by grouping up notifications and only releasing them in batches, at set times. This minimises context switching and improves productivity, while decreasing the impulse to continuously check your phone.

Wristkey Need 2FA codes quickly, right on your Wear watch without needing a phone? Wristkey is an open-source 2FA client for Wear OS watches that does

Encrypt your photos on your device and keep them safe from others. About Photok is a free Photo-Safe. It stores your photos encrypted on your device a

Blokada 5 Blokada 5 is the next generation of the well known open source mobile ad blocker and privacy app. Want to try it out? Click here to download

AESCrypt-Android Simple API to perform AES encryption on Android with no dependancies. This is the Android counterpart to the AESCrypt library Ruby an

Android Resource Manager application to manage and analysis your app resources with many features like image resize, Color, Dimens and code Analysis

EvadeMe An Android library for heuristics evasion that prevents your code from being tested. User Instructions Add the maven repository to your projec

Themis provides strong, usable cryptography for busy people General purpose cryptographic library for storage and messaging for iOS (Swift, Obj-C), An

Overview | 概览 Booster is an easy-to-use, lightweight, powerful and extensible quality optimization toolkit designed specially for mobile applications.

Secure-Pref-Manager ##Secure Preference Manager is a simple Library to help you protect your Shared Preferences. Secure Preference Manager for android

Androl4b AndroL4b is an android security virtual machine based on ubuntu-mate includes the collection of latest framework, tutorials and labs from dif

Secure-preferences - Deprecated Please use EncryptedSharedPreferences from androidx.security in preferenced to secure-preference. (There are no active

Hawk 2.0 Secure, simple key-value storage for android Important Note This version has no backward compatibility with Hawk 1+ versions. If you still wa

Simple File Manager Can also be used for browsing root files and SD card content. You can easily rename, copy, move, delete and share anything you wis

Unlock an Android phone (or device) by bruteforcing the lockscreen PIN. Turn your Kali Nethunter phone into a bruteforce PIN cracker for Android devices! (no root, no adb)

Android Phishing Application.This Project is for Educational purposes only.The Developer of this application is not responsible of any bad usage

Note: This repository may be out of date. Future development will occur at https://github.com/Storyyeller/enjarify. Introduction Enjarify is a tool fo

Simplify Generic Android Deobfuscator Simplify virtually executes an app to understand its behavior and then tries to optimize the code so that it beh

ClassyShark Introduction ClassyShark is a standalone binary inspection tool for Android developers. It can reliably browse any Android executable and

Android Tamper Detector A simple library that can help you detect if you app is modded or tampered with. This adds a security level that makes it diff

android-security-awesome A collection of android security related resources. Tools Academic/Research/Publications/Books Exploits/Vulnerabilities/Bugs

DEPRECATED TinyDancer is deprecated. No more development will be taking place. Check out the Google Android developer documentation for UI performance

Simple File Manager Can also be used for browsing root files and SD card content. You can easily rename, copy, move, delete and share anything you wis

Poliwhirl Description This is a small image processing library done to find good color for icon background. It uses CIEDE2000 to determine what colors

Grab’n Run, a simple and effective Java Library for Android projects to secure dynamic code loading.

Themis provides strong, usable cryptography for busy people General purpose cryptographic library for storage and messaging for iOS (Swift, Obj-C), An