Inspect and instrument React Native applications at runtime

A reverse engineering tool for decompiling and disassembling the React Native Hermes bytecode

Automated JavaScript Debugging Tool using CDP - Automatically sets breakpoints for specified strings/patterns in JavaScript code

ACVTool (Android Code Coverage Tool) is a tool to measure fine-grained code coverage of 3rd-party Android apps.

Significant security enchancements of recent major Android versions.

pagodo (Passive Google Dork) - Automate Google Hacking Database scraping and searching

Subdomain finder

Jailbreak for A8 through A11, T2 devices, on iOS/iPadOS/tvOS 15.0, bridgeOS 5.0 and higher.

Cybersecurity oriented awesome list

Quarkslab conference talks

A Chrome Extension to track postMessage usage (url, domain and stack) both by logging using CORS and also visually as an extension-icon

Subdomain takeover vulnerability checker

A True Instrumentable Binary Emulation Framework

拼多多apk内嵌提权代码，及动态下发dex分析

Binder Trace is a tool for intercepting and parsing Android Binder messages. Think of it as "Wireshark for Binder".

Binary instrumentation framework based on FRIDA

Bypass Facebook SSL pinning on Android devices.

Bypass Messenger SSL pinning on Android devices.

Bypass Snapchat SSL pinning on Android devices

Bypass Instagram SSL pinning on Android devices.

Bypass Tiktok SSL pinning on Android devices.

Target Redirector is a Burp Suite Extension written in Kotlin, which redirects all Burp requests destined for a chosen target to a different target of your choice. The hostname/IP, port and protoco…

Slides and videos from my public speeches / conferences

JADX-gui scripting plugin for dynamic decompiler manipulation

Open Devices Corner docs - **Contributions welcome!**

Statically unpacking common android banker malware.