creator/Anthropic-Cybersecurity-Skills
1
0
Fork 0
mirror of https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git synced 2026-06-14 06:54:57 +03:00
Code Issues Packages Projects Releases Wiki Activity
Files
ccce7d4e068efecc2f98c385c8e5c01d969fc9bc
Anthropic-Cybersecurity-Skills/skills/conducting-mobile-application-penetration-test/references/api-reference.md
T
mukul975 c21af3347e Complete folder anatomy for all 649 cybersecurity skills + update LICENSE to Mahipal 
- Add scripts/agent.py and references/api-reference.md to all remaining skills
- Update all 648 LICENSE files: copyright now reads 'Mahipal'
- Add implementing-security-monitoring-with-datadog (new skill with full anatomy)
- All 649 skills now have: SKILL.md, LICENSE, scripts/agent.py, references/api-reference.md
2026-03-11 00:22:12 +01:00

48 lines
1.8 KiB
Markdown
Raw Blame History

# Mobile Application Penetration Test — API Reference
## Libraries & Tools
| Tool | Install | Purpose |
|------|---------|---------|
| apktool | `apt install apktool` | Android APK decompilation and recompilation |
| objection | `pip install objection` | Runtime mobile exploration via Frida |
| frida-tools | `pip install frida-tools` | Dynamic instrumentation framework |
| jadx | Binary download | Java decompiler for APK source code |
| MobSF | `docker pull opensecurity/mobile-security-framework-mobsf` | Automated mobile security scanner |
## Key objection Commands
| Command | Description |
|---------|-------------|
| `objection -g <pkg> explore` | Attach to running app |
| `android sslpinning disable` | Bypass SSL certificate pinning |
| `android root disable` | Bypass root detection |
| `android hooking list activities` | List app activities |
| `android keystore list` | Dump Android Keystore entries |
| `android clipboard monitor` | Monitor clipboard content |
## Frida Script Patterns
| Pattern | Purpose |
|---------|---------|
| `Java.use("class").method.implementation` | Hook Java method |
| `Interceptor.attach(addr, {onEnter, onLeave})` | Hook native function |
| `Java.choose("class", {onMatch, onComplete})` | Find live instances |
## OWASP Mobile Top 10 Checks
| ID | Vulnerability |
|----|--------------|
| M1 | Improper Platform Usage |
| M2 | Insecure Data Storage |
| M3 | Insecure Communication |
| M4 | Insecure Authentication |
| M5 | Insufficient Cryptography |
## External References
- [OWASP Mobile Testing Guide](https://owasp.org/www-project-mobile-security-testing-guide/)
- [Frida Documentation](https://frida.re/docs/home/)
- [objection Wiki](https://github.com/sensepost/objection/wiki)
- [apktool Documentation](https://apktool.org/docs/install)
Reference in New Issue View Git Blame Copy Permalink