PRINT
PRINT
SEND MAIL
SEND MAIL

Category: Static Analysis

Android SecurityARMBinary AnalysisDynamic AnalysisiOSiOS SecurityMalware AnalysisMobile SecurityMobile Security FrameworkMobSFNEW TOOLSStatic AnalysisWindows Mobile Security

MobSF (Mobile Security Framework) v1.0 – Mobile (Android/iOS) Automated Pen-Testing Framework

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing framework capable of performing static, dynamic and malware analysis. It can be used for effective and fast security analysis of Android, iOS and Windows mobile applications and support both binaries (APK, IPA & APPX ) and zipped source code. MobSF can do dynamic application testing at runtime for Android apps and has Web API fuzzing capabilities powered by CapFuzz, a Web API specific security scanner. MobSF is designed to make your CI/CD…

Analyse Browser ExtensionsBrowser ExtensionJavaScriptNetoNEW TOOLSPython PackagePython3Static Analysis

Neto – A Tool To Analyse Browser Extensions

Project Neto is a Python 3 package conceived to analyse and unravel hidden features of browser plugins and extensions for well-known browsers such as Firefox and Chrome. It automates the process of unzipping the packaged files to extract these features from relevant resources in a extension like manifest.json, localization folders or Javascript and HTML source files.InstallationTo install the package, the user can choose pip3.pip3 install -e . --userOptionally, it can also be installed with administrator privileges using sudo:sudo pip3 install -e .A successfull installation…

API ScannerDynamic TestingEaSTInformation DisclosureNEW TOOLSSecurity AssessmentSecurity Assessment ToolSQLsql injectionSQLiStatic AnalysisWSSATXXE Injection

WSSAT v2.0 – Web Service Security Assessment Tool

WSSAT is an open source web service security scanning tool which provides a dynamic environment to add, update or delete vulnerabilities by just editing its configuration files. This tool accepts WSDL address list as input file and for each service, it performs both static and dynamic tests against the security vulnerabilities. It also makes information disclosure controls. With this tool, all web services could be analysed at once and the overall security assessment could be seen by the organization.Objectives of WSSAT are to allow…

EXPLOIT-COLLECTORHacking ToolsHomeStatic Analysis

StaCoAn – Mobile App Static Analysis Tool

StaCoAn is a cross-platform tool which aids developers, bug bounty hunters and ethical hackers performing mobile app static analysis on the code of the application for both native Android and iOS applications. This tool will look for interesting lines in the code which can contain: Hardcoded credentials API keys URL’s of API’s Decryption keys Major coding mistakes This tool was created with a big focus on usability and graphical guidance in the user interface. Read the rest of StaCoAn – Mobile App Static Analysis…

MacMalScanMalware AnalysisMalware Static AnlysisNEW TOOLSPEPE FilePython Malware AnalysisStatic AnalysisTLSYara

MalScan – A Simple PE File Heuristics Scanners

MalScan is a simple PE File Heuristics Scanners written in python that you can use to quickly analyze a PE file and find out whether anything suspicious exists. It is a simple tool so doesn't offers much fancy features. You are free to extend it or do whatever you want with it.Things SupportedInformation About file such as MD5, SHA1, TimestampPEiD Signature CheckCustom Yara Rules IntegrationSection, Imports, Exports, Resources and TLS Callbacks OverviewProvides some custom heuristics :-)InstallingYou need to have Python 2.7 installed on your…