mirror of
https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git
synced 2026-07-05 23:38:57 +03:00
c47eed6a64
- Fix 25 shell=True subprocess calls with list-based commands - Fix 49 verify=False in defensive skills (env-var override) - Add timeout to 231 HTTP/subprocess/socket calls - Fix 6 SQL injection patterns with whitelist validation - Replace 8 __import__() with standard imports - Remove 701 unused imports across 442 files - Add authorized-testing disclaimers to all offensive skills - Complete 11 incomplete skill directories - Expand 10 stub SKILL.md files with full content - Fix 2 YAML parse errors in frontmatter - Fix 5 pre-existing syntax errors - Convert 22 hardcoded paths/ports to environment variables - Back up 21 redundant skill pairs to .bak - Fix 2 global declaration errors - 724/724 skills with full folder anatomy (SKILL.md + agent.py + api-reference.md + LICENSE) - 0 compile errors across all 724 agent.py files
1.8 KiB
1.8 KiB
Mobile Application Penetration Test — API Reference
Libraries & Tools
| Tool | Install | Purpose |
|---|---|---|
| apktool | apt install apktool |
Android APK decompilation and recompilation |
| objection | pip install objection |
Runtime mobile exploration via Frida |
| frida-tools | pip install frida-tools |
Dynamic instrumentation framework |
| jadx | Binary download | Java decompiler for APK source code |
| MobSF | docker pull opensecurity/mobile-security-framework-mobsf |
Automated mobile security scanner |
Key objection Commands
| Command | Description |
|---|---|
objection -g <pkg> explore |
Attach to running app |
android sslpinning disable |
Bypass SSL certificate pinning |
android root disable |
Bypass root detection |
android hooking list activities |
List app activities |
android keystore list |
Dump Android Keystore entries |
android clipboard monitor |
Monitor clipboard content |
Frida Script Patterns
| Pattern | Purpose |
|---|---|
Java.use("class").method.implementation |
Hook Java method |
Interceptor.attach(addr, {onEnter, onLeave}) |
Hook native function |
Java.choose("class", {onMatch, onComplete}) |
Find live instances |
OWASP Mobile Top 10 Checks
| ID | Vulnerability |
|---|---|
| M1 | Improper Platform Usage |
| M2 | Insecure Data Storage |
| M3 | Insecure Communication |
| M4 | Insecure Authentication |
| M5 | Insufficient Cryptography |