objection
Free-RASP-Community
Our great sponsors
objection | Free-RASP-Community | |
---|---|---|
17 | 7 | |
6,909 | 238 | |
2.2% | 5.5% | |
3.9 | 6.8 | |
about 2 months ago | 3 months ago | |
Python | ||
GNU General Public License v3.0 only | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
objection
- apk.sh, make reverse engineering Android apps easier!
- Prerequisites for reverse engineering?
-
Mitmproxy 8
This is true, by default Android apps do not trust user-installed certificate authorities. IMO the easiest solution if you're doing security testing on a dedicated device is MagiskTrustUserCerts[1]. If you're not testing on a dedicated device or you don't want to root the device, I'd recommend using the objection[2] tool which has a guided mode for patching an apk, and you can modify the manifest to add your CA or to trust all user-installed CAs.
[1]: https://github.com/NVISOsecurity/MagiskTrustUserCerts
[2]: https://github.com/sensepost/objection/wiki/Patching-Android...
-
Is this networking knowledge enough ?
Then use runtime tools like Runtime Mobile Security, Grapefruit, and Objection to see stuff in action and practice Frida along with as these tools usually support loading custom Frida scripts.
-
Awesome CTF : Top Learning Resource Labs
Objection - Runtime Mobile Exploration.
Free-RASP-Community
-
How to make readable docs with Github README?
Here is the question: Could you point me towards a well-documented project/library? I am not yet satisfied with the current state of freeRASP's docs: common README + Android README. I am asking myself whether more images would improve it since it is IMO too wordy. Thanks a lot guys!
-
What are your infra/tools for Flutter apps?
Yes, it protects against majority of common vulnerabilities, check the readme. I admire that it is free - a huge advantage for my smaller projects.
What are some alternatives?
frida - Clone this repo to build Frida
drozer - The Leading Security Assessment Framework for Android.
awesome-frida - Awesome Frida - A curated list of Frida resources http://www.frida.re/ (https://github.com/frida/frida)
Awesome-Hacking - A collection of various awesome lists for hackers, pentesters and security researchers
pub-dev - The pub.dev website
AndroidLibrary - Android library to reveal or obfuscate strings and assets at runtime
Apktool - A tool for reverse engineering Android apk files
frida-scripts - A collection of my Frida.re instrumentation scripts to facilitate reverse engineering of mobile apps.
pwndbg - Exploit Development and Reverse Engineering with GDB Made Easy
Free-RASP-Android - Library for improving app security and threat monitoring on Android mobile devices.
hack-the-arch - Welcome to HackTheArch! A free open source scoring server for cyber Capture the Flag competitions!