Virtual machines for iOS and macOS

A script to enumerate Google Storage buckets, determine what access you have to them, and determine if they can be privilege escalated.

Analysis and proof-of-concept bypass of Promon SHIELD's Android application protection

Android 14 kernel exploit for Pixel7/8 Pro

A very basic Social Network App in DRF

kfd, short for kernel file descriptor, is a project to read and write kernel memory on Apple devices.

list of regex patterns for oauth / api tokens with provided source

Advanced detection of rooting

iOS 14.0-15.7.1 & 16.0-16.1.2 MacDirtyCow ToolBox

ELK Stack + CRUD API built on top of Go

Jailbreak for A8 through A11, T2 devices, on iOS/iPadOS/tvOS 15.0, bridgeOS 5.0 and higher.

Hermes Bytecode Reverse Engineering Tool (Assemble/Disassemble Hermes Bytecode)

NeoPOP is CRED's inbuilt library for using NeoPOP components in your app

NeoPOP components library based on CRED's design system

This script tampers the apk to inject Facebook Stetho library to inspect app sandbox data on non-rooted device

The real deal

Binary, coverage-guided fuzzer for Windows, macOS, Linux and Android

A hook framework for Android Runtime (ART)

Python ADB + Fastboot implementation

Never ever ever use pixelation as a redaction technique

Using system APIs directly with adb/root privileges from normal apps through a Java process started with app_process.

A Dynamic Binary Instrumentation framework based on LLVM.

DIAL(Did I Alert Lambda?) is a centralised security misconfiguration detection framework which completely runs on AWS Managed services like AWS API Gateway, AWS Event Bridge & AWS Lambda

Reverse Engineering Resources About All Platforms(Windows/Linux/macOS/Android/iOS/IoT) And Every Aspect! (More than 3500 open source tools and 2300 posts&videos)

Linux Runtime Security and Forensics using eBPF

A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228