This is a curated list of mobile based CTFs, write-ups and vulnerable apps. Most of them are android based due to the popularity of the platform.
☆1,144Jun 26, 2022Updated 3 years ago
Alternatives and similar repositories for awesome-mobile-CTF
Users that are interested in awesome-mobile-CTF are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- A big list of Android Hackerone disclosed reports and other resources.☆1,687Sep 10, 2025Updated 8 months ago
- Mobile CTF Solutions☆214Mar 29, 2021Updated 5 years ago
- Oversecured Vulnerable Android App☆745Jul 18, 2024Updated last year
- This experimetal fuzzer is meant to be used for API in-memory fuzzing.☆578Jun 22, 2020Updated 5 years ago
- Runtime Mobile Security (RMS) 📱🔥 - is a powerful web interface that helps you to manipulate Android and iOS Apps at Runtime☆3,009Mar 28, 2026Updated last month
- Serverless GPU API endpoints on Runpod - Get Bonus Credits • AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- Android security workshop material taught during the CyberTruck Challenge 2019 (Detroit USA).☆105Aug 17, 2021Updated 4 years ago
- A vulnerable Android application that shows simple examples of vulnerabilities in a ctf style.☆748Jun 25, 2021Updated 4 years ago
- Hand-crafted Frida examples☆2,525Nov 29, 2024Updated last year
- Awesome Frida - A curated list of Frida resources http://www.frida.re/ (https://github.com/frida/frida)☆3,465Apr 10, 2026Updated last month
- A collection of android security related resources☆9,427Updated this week
- Android Kernel Exploitation☆645Feb 13, 2022Updated 4 years ago
- Mobile Edge-Dynamic Unified Security Analysis☆2,262May 19, 2026Updated last week
- A curated list of Android Security materials and resources For Pentesters and Bug Hunters☆1,898Mar 3, 2026Updated 2 months ago
- The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application pen…☆5,200Feb 8, 2024Updated 2 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- The OWASP Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse enginee…☆12,914Updated this week
- some vul☆793Apr 25, 2025Updated last year
- there are some CTF challenges or some other things helping improving android reversing skills.☆75Feb 27, 2019Updated 7 years ago
- Vulnerable Android application for developers and security enthusiasts to learn about Android insecurities☆1,442Apr 17, 2024Updated 2 years ago
- A collection of my Frida instrumentation scripts to reverse engineer mobile apps and more.☆1,606Mar 19, 2026Updated 2 months ago
- A Frida based tool that traces usage of the JNI API in Android apps.☆1,840Jul 18, 2023Updated 2 years ago
- ☆678Oct 31, 2022Updated 3 years ago
- A repository for learning various heap exploitation techniques.☆8,664May 15, 2026Updated last week
- A runtime mobile application analysis toolkit with a Web GUI, powered by Frida, written in Python.☆1,461Jun 3, 2021Updated 4 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Here record some tips about pwn. Something is obsoleted and won't be updated. Sorry about that.☆1,827Jun 8, 2019Updated 6 years ago
- Android App Security Checklist☆893Aug 27, 2022Updated 3 years ago
- ☆354Aug 29, 2024Updated last year
- DIVA Android - Damn Insecure and vulnerable App for Android☆1,111May 19, 2023Updated 3 years ago
- The new bridge between Burp Suite and Frida!☆1,874Oct 30, 2025Updated 6 months ago
- awesome list of browser exploitation tutorials☆2,279Sep 18, 2023Updated 2 years ago
- Android Application Identifier for Packers, Protectors, Obfuscators and Oddities - PEiD for Android☆2,497May 5, 2026Updated 3 weeks ago
- Radare2 and Frida better together.☆1,412Updated this week
- [Official] Android reverse engineering tool focused on dynamic instrumentation automation leveraging Frida. It disassembles dex, analyzes…☆1,129Feb 2, 2023Updated 3 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- 📱 objection - runtime mobile exploration☆9,138Apr 12, 2026Updated last month
- Created by High-Tech Bridge, the Purposefully Insecure and Vulnerable Android Application (PIVAA) replaces outdated DIVA for benchmark of…☆106May 27, 2020Updated 6 years ago
- A collection of reverse engineering challenges for learning about the Android operating system and mobile security.☆374Nov 15, 2020Updated 5 years ago
- A collection of links related to Linux kernel security and exploitation☆6,459May 20, 2026Updated last week
- A curated list of fuzzing resources ( Books, courses - free and paid, videos, tools, tutorials and vulnerable applications to practice on…☆5,827Apr 3, 2024Updated 2 years ago
- Mobile security trainings based on android☆105Nov 12, 2020Updated 5 years ago
- A collection of vulnerable ARM binaries for practicing exploit development☆946Nov 15, 2021Updated 4 years ago