Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.

An effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.

Runtime Mobile Security (RMS) 📱🔥 - is a powerful web interface that helps you to manipulate Android and iOS Apps at Runtime

OSX and iOS related security tools

Radare2 and Frida better together.

Static Application Security Testing (SAST) engine focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilities right in the source code, focused on a agile and easy to implement software inside your DevOps pipeline. Support the following technologies: Java (Maven and Android), Kotlin (Android), Swift (iOS), .NET Ful…

软件安全工程师技能表

【iOS应用安全、安全攻防】hook及越狱的基本防护与检测(动态库注入检测、hook检测与防护、越狱检测、签名校验、汇编分析、IDA反编译分析加密协议Demo)；【数据传输安全】浅谈http、https与数据加密；代码加密&混淆；防抓包、http-dns解决方案，防止DNS劫持等

OWASP iGoat (Swift) - A Damn Vulnerable Swift Application for iOS

《macOS软件安全与逆向分析》随书源码

强大的 Frida 重打包工具，用于 iOS 和 Android。轻松修改 Frida 特征，增强隐蔽性，绕过检测。简化逆向工程和安全测试。Powerful Frida repackaging tool for iOS and Android. Easily modify Frida servers to enhance stealth and bypass detection. Streamlines reverse engineering and security testing.

Every iOS security guide

iOS安全资料整理（中文）

Frida Script Runner is a versatile web-based tool designed for Android and iOS penetration testing purposes.

Leading open source version of iOS device fingerprint, accurate deviceID and risk identification.

Oversecured Vulnerable iOS App

Memory modification tool for re-signed ipa supports iOS apps running on iPhone and Apple Silicon Mac without jailbreaking.

[WIP] Simple mobile applications sandbox file browser tool. Powered with [frida.re](https://www.frida.re).

iOS library (SDK) providing app protection and threat monitoring. Shield your app with free RASP. Detect reverse engineering, jailbreak, Frida, emulators, bots, signature and integrity issues, VPN usage, and monitor device identification and more.

iOS library for device fingerprinting. Does not require server APIs to work, fully client-side operation. MIT license, no restrictions on usage in production.