Security Professionals Love Mobexler
Mobexler Tools
Mobexler Comes Preinstalled with Tools & Scripts Required for Security Testing Of Android & iOS apps
Ghidra
Ghidra is an open-source software reverse engineering (SRE) framework developed by the NSA. It provides tools for analyzing binary files, including disassembly, decompilation, and scripting capabilities, making it useful for malware analysis and vulnerability research.
.svg){kind=icon}
Click the ghidra icon or execute the ghidraRun script from the installation directory. In the GUI, create or open a project, then import a binary file to start the analysis.
Radare2
Radare2 is an open-source framework for reverse engineering and analyzing binaries, offering a suite of tools for tasks like disassembly, debugging, and decompiling. It's widely used for security research, malware analysis, and binary exploitation.
Open a terminal and type r2 <file> to load the file for analysis. Use commands in Radare2's interactive shell to navigate and analyze the binary.
Grapefruit
Grapefruit is a network penetration testing tool focused on identifying vulnerabilities in external assets, such as web servers and network devices. It automates the scanning and exploitation process to assist security testers in uncovering weaknesses.
Click on iblessing icon in the iOS Zone section or type ifg in a terminal window, and then you can access it via browser on http://localhost:31337.
palera1n
Palera1n is a jailbreak tool for iOS devices, particularly designed to work with newer iOS versions and devices using the checkm8 bootrom exploit. It allows users to gain root access and install custom packages on their iOS devices.
Open a terminal, navigate to the Palera1n directory, and execute the script with a command like ./palera1n -d for a tethered jailbreak or ./palera1n -f for a rootless jailbreak.
iblessing
iBlessing is a tool designed for iOS pentesting, allowing users to manage iOS devices, access file systems, and run various security tests. It's useful for security professionals who need to interact with iOS devices in a controlled manner.
In a terminal, run iblessing followed by the desired commands, such as iblessing ls to list connected devices or iblessing apps to view installed applications.
Frida
A dynamic instrumentation toolkit that allows you to inject scripts into running processes on various platforms, including Android and iOS. It's commonly used for reverse engineering, security testing, and modifying app behavior in real-time.
On the terminal, use commands like frida -U -p <pid> to attach to a process on a connected device, or frida-trace -U <process> to trace function calls.
MobSF
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing framework capable of performing static, dynamic and malware analysis.
Run it docker app of MobSF and it i ask you for the password of lab. once password is entered ,go and browse 127.0.0.1:8000 you will see MobSF interface. Drag and drop to analyse apk.
adb
A versatile CLI tool that enables communication with Android devices for tasks like app debugging, system shell access, and file transfers. It's widely used for testing and interacting with Android devices.
Open terminal, navigate to the directory where ADB is installed, and start using commands like adb devices to list connected devices, adb shell to access the device's shell.
Frida
A dynamic instrumentation toolkit that allows you to inject scripts into running processes on various platforms, including Android and iOS. It's commonly used for reverse engineering, security testing, and modifying app behavior in real-time.
On the terminal, use commands like frida -U -p <pid> to attach to a process on a connected device, or frida-trace -U <process> to trace function calls.
jadx-gui
A graphical user interface for Jadx, a tool that decompiles Android APK files into readable Java source code. It is used for reverse engineering Android applications to understand their functionality and identify security issues.
Simply click the Jadx-GUI executable, or run ./jadx-gui in a terminal. Use the interface to load and decompile APK files.
Objection
Objection is a runtime mobile exploration toolkit powered by Frida, designed to perform security testing and dynamic analysis on Android and iOS applications. It allows security testers to bypass SSL pinning, explore the file system, and perform code injections without requiring root or jailbreak.
Open a terminal and run objection -g <app_name> explore to start the exploration session. Use the interactive shell to run specific commands for testing.
RMS
Runtime Mobile Security (RMS) is an open-source mobile application security assessment toolkit that integrates with Frida to provide dynamic analysis capabilities. It offers features like API monitoring, SSL pinning bypass, and memory dumping for both Android and iOS applications.
In a terminal, type rms to start the tool. Access the web interface through your browser, and connect to your mobile device to begin analyzing the application.
Metasploit Framework
The Metasploit Framework is a widely-used open-source platform for testing, and executing exploits against remote targets. It includes a large database of known vulnerabilities and exploits, making it essential for penetration testing and vulnerability assessment.
In a terminal, type msfconsole to launch the Metasploit console. Navigate through the interactive menu to select and run exploits.
SQLMap
SQLMap is an open-source penetration testing tool that automates the process of detecting and exploiting SQL injection vulnerabilities in web applications. It supports a wide range of database systems and offers options for different types of SQL injection attacks.
Open a terminal and type sqlmap -u <URL> to begin testing the specified URL for SQL injection vulnerabilities. Add options to refine your attack, such as --dbms to specify the database type.
nmap
Nmap (Network Mapper) is a powerful open-source tool used for network discovery and security auditing. It can scan large networks to discover hosts, services, and vulnerabilities, making it a crucial tool for network penetration testers.
Open terminal window and type nmap to get started with it. Use nmap -h for all the options and flag that can be used.
BurpSuite
A comprehensive web vulnerability scanner and penetration testing toolkit that allows security testers to identify and exploit vulnerabilities in web applications. It provides tools like a proxy, repeater, and scanner for manual and automated testing.
Launch Burp Suite via the command line or a desktop shortcut, then configure your browser's proxy settings to match Burp's default proxy (usually 127.0.0.1:8080).
Radare2
Radare2 is an open-source framework for reverse engineering and analyzing binaries, offering a suite of tools for tasks like disassembly, debugging, and decompiling. It's widely used for security research, malware analysis, and binary exploitation.
Open a terminal and type r2 <file> to load the file for analysis. Use commands in Radare2's interactive shell to navigate and analyze the binary.
DB Browser for SQLite
DB Browser for SQLite is a high-quality, open-source tool used to create, design, and edit SQLite database files. It provides an easy-to-use interface for browsing database content, executing SQL queries, and modifying database schemas.
Launch the application from your desktop or via command line, then use the "Open Database" button to start working with your SQLite databases.
What's Unique in Mobexler
A Platform For Hackers By Hackers !!!
One Platform To Rule Them All
Hack Android & iOS apps from one platform only.
Awesome Tools
Mobexler is preinstalled with numerous amazing free & open source tools
Designed For Hackers
It's design to make the jobs of penetration testing, easier.
.svg)
Smooth and Fast
Optimized to provide smooth pentesting experience.
Static & Dynamic Analysis
Capable of performing static & dynamic analysis both
Easy to connect
Android/iOS devices can easily be connected through USB or over TCP
Exploring Mobexler: Your Ultimate Resource
Check out this video that provides an in-depth exploration of Mobexler. It delves into its various use cases, showcases its powerful capabilities, and highlights the unique features that set it apart. Whether you're a beginner or an experienced user, this video offers valuable insights into how Mobexler can enhance your projects and streamline your workflow.
Learn Mobile Security From The Experts
Become a Mobile Security Pro with Enciphers Advance Training & Certification Courses
iOS Application Security
A course designed to equip you with the skills needed to identify and exploit vulnerabilities in real-world iOS applications
.webp)
Android Application Security
Explore the complex world of Android apps and acquire the skills needed to ethically hack them.
Become A Certified Professional
Obtain The Certified Mobile Appsec Expert Certification to solidify your status as a top-tier specialist in the industry.
.png)
Security Researchers, Pentesters, Bugbounty Hunters, Red Teamers
Certified Mobile Appsec Expert
An action-packed, hands-on training & certification program designed to equip you with cutting-edge skills in penetration testing for android & iOS applications.
.svg)
Challenge Based Exam
Dedicated Exam Platform
Access To Chat Platform
Online Verifiable Certificates
.svg)
About Enciphers
.svg)
.svg)
.svg)
Cloud Security Review
Strengthen your cloud security posture with a detailed security review
.svg){kind=icon}
.svg)
.png)
