Merge pull request #45 from hslatman/hs_july_additions

exploitprotocol · web-flow · commit 2af08c61d6e0 · 2016-07-30T10:04:42.000+05:30
Some additions for July
diff --git a/index.html b/index.html
@@ -45,6 +45,9 @@ <h1><span class="fa fa-mobile" title="Mobile Security Wiki" style="cursor:pointe
             <a id="forensics-tools" class="anchor" href="#forensics-tools" aria-hidden="true" style="display:block"></a>
             <h2><i class="fa fa-folder"></i> Forensics Tools <a href="#forensics-tools"><span class="octicon octicon-link"></span></a></h2>
             <ul>
+               <li>
+                  <p><a href="https://github.com/yvesalexandre/bandicoot" target="_blank">bandicoot</a> - A Python toolbox to analyze mobile phone metadata. It provides a complete, easy-to-use environment for data-scientist to analyze mobile phone metadata. With only a few lines of code, load your datasets, visualize the data, perform analyses, and export the results.</p>
+               </li>
                <li>
                   <p><a href="https://github.com/CyberHatcoil/ACF" target="_blank">Android Connections Forensics</a> - Enables a forensic investigator to connections to its originating process</p>
                </li>
@@ -244,6 +247,9 @@ <h2><i class="fa fa-backward"></i> Reverse Engineering Tools <a href="#reverse-e
                </li>
                <li>
                   <p><a href="https://github.com/evilsocket/smali_emulator" target="_blank">smali_emulator</a> - Emulates a smali source file generated by apktool, for example to defeat obfuscation and encryption found in APKs.</p>
+               </li>
+               <li>
+                  <p><a href="https://github.com/cx9527/strongdb" target="_blank">Strongdb</a> - Strongdb is a gdb plugin that is written in Python, to help with debugging Android Native program.The main code uses gdb Python API.</p>
                </li>
 			   <li>
                   <p><a href="https://github.com/ajinabraham/Xenotix-APK-Reverser" target="_blank">Xenotix APK Reverser</a> - An open source Android Application Package (APK) decompiler and disassembler powered by dex2jar, baksmali and jd-core</p>
@@ -420,11 +426,14 @@ <h2><i class="fa fa-user-secret"></i>Application Security Framework<a href="#app
             	<li>
             		<p><a href="http://www.app-ray.com/" target="_blank">AppRay</a> - App-Ray takes a look inside your apps and helps you understand what they really do. In fully automated tests, App-Ray analyzes apps and highlights vulnerabilities, data leaks, and privacy breaches.</p>
             	</li>
+            	<li>
+            		<p><a href="https://github.com/ajinabraham/Mobile-Security-Framework-MobSF" target="_blank">Mobile Security Framework (MobSF)</a> - Mobile Security Framework is an intelligent, all-in-one open source mobile application (Android/iOS) automated pen-testing framework capable of performing static and dynamic analysis.</p>
+            	</li>
             	<li>
             		<p><a href="https://github.com/linkedin/qark" target="_blank">Qark</a> - Quick Android Review Kit - This tool is designed to look for several security related Android application vulnerabilities, either in source code or packaged APKs. The tool is also capable of creating "Proof-of-Concept" deployable APKs and/or ADB commands, capable of exploiting many of the vulnerabilities it finds. There is no need to root the test device, as this tool focuses on vulnerabilities that can be exploited under otherwise secure conditions.</p>
             	</li>
             	<li>
-            		<p><a href="https://github.com/ajinabraham/Mobile-Security-Framework-MobSF" target="_blank">Mobile Security Framework (MobSF)</a> - Mobile Security Framework is an intelligent, all-in-one open source mobile application (Android/iOS) automated pen-testing framework capable of performing static and dynamic analysis.</p>
+            		<p><a href="https://github.com/Razican/super" target="_blank">SUPER</a> - Secure, Unified, Powerful and Extensible Rust Android Analyzer can be used to automatically analyze apps for vulnerabilities.</p>
             	</li>
             </ul>
             <a id="android-malwares-related" class="anchor" href="#android-malwares-related" aria-hidden="true"></a>
@@ -442,6 +451,9 @@ <h2><i class="fa fa-warning"></i> Android Malwares Related <a href="#android-mal
                <li>
                   <p><a href="https://github.com/maldroid/maldrolyzer" target="_blank">Maldrolyzer</a> - Simple framework to extract "actionable" data from Android malware (C&Cs, phone numbers etc.)</p>
                </li>
+               <li>
+                  <p><a href="http://forensics.spreitzenbarth.de/android-malware/" target="_blank">Spreitzenbarth</a> - List of Android-Malware-Families with their main capabilities.</p>
+               </li>
             </ul>
             <a id="tutorials" class="anchor" href="#tutorials" aria-hidden="true"></a>
             <h2><i class="fa fa-university"></i> Tutorials <a href="#tutorials"><span class="octicon octicon-link"></span></a></h2>
@@ -523,6 +535,8 @@ <h2><i class="fa fa-thumbs-up"></i> Best Practices <a href="#best-practices"><sp
             	<li><a href="https://nccoe.nist.gov/projects/building_blocks/mobile_device_security" target="_blank">NIST Cybersecurity Practice Guide : “Mobile Device Security: Cloud & Hybrid Builds”</a></li>
                <li><a href="http://source.android.com/devices/tech/security/" target="_blank">Android Security Overview</a></li>
                <li><a href="http://developer.android.com/training/articles/security-tips.html" target="_blank">Android Security Tips for Developers</a></li>
+               <li><a href="https://github.com/tanprathan/MobileApp-Pentest-Cheatsheet" target="_blank">Mobile Application Penetration Testing Cheat Sheet</a></li>
+               <li><a href="https://github.com/joswr1ght/MobileAppReportCard" target="_blank">MobileAppReportCard: Microsoft Excel spreadsheets for consistent security evaluation of Android and iOS mobile applications</a></li>
                <li><a href="https://www.owasp.org/index.php/Projects/OWASP_Mobile_Security_Project_-_Top_Ten_Mobile_Controls" target="_blank">Projects/OWASP Mobile Security Project - Top Ten Mobile Controls</a></li>
                <li><a href="https://www.pcisecuritystandards.org/documents/Mobile%20Payment%20Security%20Guidelines%20v1%200.pdf" target="_blank">PCI Mobile Payment Acceptance
                   Security Guidelines for Developers</a>
@@ -1426,9 +1440,10 @@ <h2><i class="fa fa-university"></i> iOS Tutorials and Guides <a href="#iOS-tuto
             <a id="iOS-best-practices" class="anchor" href="#iOS-best-practices" aria-hidden="true" style="visibility: hidden"></a>
             <h2><i class="fa fa-thumbs-up"></i> iOS Best Practices <a href="#iOS-best-practices"><span class="octicon octicon-link"></span></a></h2>
             <ul>
-            	<li><a href="https://nccoe.nist.gov/projects/building_blocks/mobile_device_security" target="_blank">NIST Cybersecurity Practice Guide : “Mobile Device Security: Cloud & Hybrid Builds”</a></li>
+               <li><a href="https://project-imas.github.io/index.html" target="_blank">iMAS helps developers encrypt app data, prompt for passwords, prevent app tampering, and enforce enterprise policies on iOS devices.</a></li>
                <li><a href="https://developer.apple.com/library/ios/documentation/Security/Conceptual/SecureCodingGuide/Introduction.html#//apple_ref/doc/uid/TP40002477-SW1" target="_blank">iOS Secure Coding Guide</a></li>
                <li><a href="https://www.apple.com/business/docs/iOS_Security_Guide.pdf" target="_blank">iOS Security Guide</a></li>
+            	<li><a href="https://nccoe.nist.gov/projects/building_blocks/mobile_device_security" target="_blank">NIST Cybersecurity Practice Guide : “Mobile Device Security: Cloud & Hybrid Builds”</a></li>
             </ul>
 
             <a id="ios-books" class="anchor" href="#ios-books" aria-hidden="true"></a>
