Mobile Pentest

Emulator

Genymotion – Android Emulator for app testing Cross-platform Android Emulator for manual and automated app testingGenymotion – Android Emulator for app testing

Dex2jar

GitHub - pxb1988/dex2jar: Tools to work with android .dex and java .class filesGitHub

MobSF

GitHub - MobSF/Mobile-Security-Framework-MobSF: Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.GitHub

cSploit

GitHub - cSploit/android: cSploit - The most complete and advanced IT security professional toolkit on Android.GitHub

Apktool

Apktool | Apktool

# apktool d instant.apk
I: Using Apktool 2.7.0-dirty on instant.apk
I: Loading resource table...
I: Decoding AndroidManifest.xml with resources...
I: Loading resource table from file: /root/.local/share/apktool/framework/1.apk
I: Regular manifest package...
I: Decoding file-resources...
I: Decoding values */* XMLs...
I: Baksmaling classes.dex...
I: Copying assets and libs...
I: Copying unknown files...
I: Copying original files...
I: Copying META-INF/services directory

# ls instant
AndroidManifest.xml  assets  lib       original  smali
apktool.yml          kotlin  META-INF  res       unknown

Androguard

GitHub - androguard/androguard: Reverse engineering, Malware and goodware analysis of Android applications ... and more (ninja !)GitHub

Drozer

GitHub - WithSecureLabs/drozer: The Leading Security Assessment Framework for Android.GitHub

Exploiting Android Activities with Drozer: A Step-by-Step GuideMedium

Frida

AndroidFrida • A world-class dynamic instrumentation framework

Code Analysis

Code Analysis

Resources

GitHub - vaib25vicky/awesome-mobile-security: An effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.GitHub