48 matches found
RansomTrack: A Hybrid Behavioral Analysis Framework for Ransomware Detection
Ransomware poses a serious and fast-acting threat to critical systems, often encrypting files within seconds of execution. Research indicates that ransomware is the most reported cybercrime in terms of financial damage, highlighting the urgent need for early-stage detection before encryption is...
Frida-JIT-unPacker: An Imperva Contribution to the Security Research Community, Presented at Black Hat Asia 2024
In the ever-evolving landscape of cybersecurity threats, the battle against malicious bots is a critical concern for web applications. These bots, in addition to their ability to circumvent application security measures, are usually protected with advanced source code protection to prevent the...
R2Frida - Radare2 And Frida Better Together
This is a self-contained plugin for radare2 that allows you to instrument remote processes using frida. The radare project brings a complete toolchain for reverse engineering, providing well maintained functionalities and extending its features with other programming languages and tools. Frida is a...
Blutter - Flutter Mobile Application Reverse Engineering Tool
Flutter Mobile Application Reverse Engineering Tool by Compiling Dart AOT Runtime Currently the application supports only Android libapp.so arm64. Also, the application currently works only against recent Dart versions. For high priority missing features, see TODO Environment Setup This...
Exploit for Cross-site Scripting in Helpsystems Cobalt_Strike
Gui-poc-test A testing tool for CobaltStrike-RCE:CVE-2022-3919...
Hades - Go Shellcode Loader That Combines Multiple Evasion Techniques
Hades is a proof of concept loader that combines several evasion techniques with the aim of bypassing the defensive mechanisms commonly used by modern AV/EDRs. Usage The easiest way is probably building the project on Linux using make. git clone https://github.com/f1zm0/hades && cd hades make The...
Apk.Sh - Makes Reverse Engineering Android Apps Easier, Automating Some Repetitive Tasks Like Pulling, Decoding, Rebuilding And Patching An APK
apk.sh is a Bash script that makes reverse engineering Android apps easier, automating some repetitive tasks like pulling, decoding, rebuilding and patching an APK. Features apk.sh basically uses apktool to disassemble, decode and rebuild resources and some bash to automate the frida gadget...
How to instrument system applications on Android stock images
By Vitor Ventura This post is the result of research presented at Recon Montreal 2022. Two slide decks are provided along with this research. One is the presentation showing the whole process and how to do it on Google Play Protect services. The other one is a workshop on how to do it on an...
CVE-2022-36782
Pal Electronics Systems - Pal Gate Authorization Errors. The vulnerability is an authorization problem in PalGate device management android client app. Gates of buildings and parking lots with a simple button in any smartphone. The API was found after a decompiling and static research using Jadx,...
Frida-Ios-Hook - A Tool That Helps You Easy Trace Classes, Functions, And Modify The Return Values Of Methods On iOS Platform
A tool that helps you easily use frida. It supports scripts to trace classes and functions, and to modify the return values of methods on the iOS platform. For Android platform: frida-android-hook For Intercept Api was encrypted on iOS application: frida-ios-interceprt-api Env OS Support OS |...
PyHook - An Offensive API Hooking Tool Written In Python Designed To Catch Various Credentials Within The API Call
PyHook is the python implementation of my SharpHook project. It uses various API hooks in order to give us the desired credentials. PyHook uses frida to inject its dependencies into the target process Supported Processes Process | API Call | Description | Progress ---|---|---|--- mstsc |...
Fpicker - A Frida-based Fuzzing Suite Supporting Various Modes (Including AFL++ In-Process Fuzzing)
fpicker is a Frida-based fuzzing suite that offers a variety of fuzzing modes for in-process fuzzing, such as an AFL++ mode or a passive tracing mode. It should run on all platforms that are supported by Frida. Installation Instructions Building and Running Creating a Fuzzing Harness Modes and...
How to install Frida into an Android application
On a recent job I was testing a rather interesting piece of technology that had several server side checks but they wanted to add some additional security on the client side. Great!! One of these additional checks was to see if Frida was running on the device, this was proving a difficult nut to...
Radare2 - UNIX-like Reverse Engineering Framework And Command-Line Toolset
r2 is a rewrite from scratch of radare. It provides a set of libraries, tools and plugins to ease reverse engineering tasks. The radare project started as a simple command-line hexadecimal editor focused on forensics, over time more features were added to support a scriptable command-line low leve...
Allsafe - Intentionally Vulnerable Android Application
Allsafe is an intentionally vulnerable application that contains various vulnerabilities. Unlike other vulnerable Android apps, this one is less like a CTF and more like a real-life application that uses modern libraries and technologies. Additionally, I have included some Frida based challenges...
WFH - Windows Feature Hunter
Windows Feature Hunter WFH is a proof of concept python script that uses Frida, a dynamic instrumentation toolkit, to assist in potentially identifying common “vulnerabilities” or “features” within Windows executables. WFH currently has the capability to automatically identify potential Dynamic...
FRIDA-DEXDump - Fast Search And Dump Dex On Memory
Features 1. support fuzzy search broken header dex. 2. fix struct data of dex-header. 3. compatible with all android version frida supported. 4. support loading as objection plugin 5. pypi package has been released Requires frida: pip install frida optional click pip install click Installation Fro...
LibAFL - Advanced Fuzzing Library - Slot Your Fuzzer Together In Rust! Scales Across Cores And Machines. For Windows, Android, MacOS, Linux, No_Std, ...
Advanced Fuzzing Library - Slot your own fuzzers together and extend their features using Rust. LibAFL is written and maintained by Andrea Fioraldi and Dominik Maier. Why LibAFL? LibAFL gives you many of the benefits of an off-the-shelf fuzzer, while...
Exploit for CVE-2020-6516
WhatsApp MitD & MitM Introduction This repository contain...
MobileHackersWeapons - Mobile Hacker's Weapons / A Collection Of Cool Tools Used By Mobile Hackers
A collection of cool tools used by Mobile hackers. Happy hacking, Happy bug-hunting Weapons OS | Type | Name | Description ---|---|---|--- All | Analysis | RMS-Runtime-Mobile-Security | Runtime Mobile Security RMS - is a powerful web interface that helps you to manipulate Android and iOS Apps at...