This is a curated list of mobile based CTFs, write-ups and vulnerable apps. Most of them are android based due to the popularity of the platform.
☆1,134Jun 26, 2022Updated 3 years ago
Alternatives and similar repositories for awesome-mobile-CTF
Users that are interested in awesome-mobile-CTF are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- A big list of Android Hackerone disclosed reports and other resources.☆1,676Sep 10, 2025Updated 7 months ago
- Mobile CTF Solutions☆215Mar 29, 2021Updated 5 years ago
- Oversecured Vulnerable Android App☆737Jul 18, 2024Updated last year
- This experimetal fuzzer is meant to be used for API in-memory fuzzing.☆580Jun 22, 2020Updated 5 years ago
- Runtime Mobile Security (RMS) 📱🔥 - is a powerful web interface that helps you to manipulate Android and iOS Apps at Runtime☆2,998Mar 28, 2026Updated 2 weeks ago
- GPUs on demand by Runpod - Special Offer Available • AdRun AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
- Android security workshop material taught during the CyberTruck Challenge 2019 (Detroit USA).☆105Aug 17, 2021Updated 4 years ago
- A vulnerable Android application that shows simple examples of vulnerabilities in a ctf style.☆745Jun 25, 2021Updated 4 years ago
- Hand-crafted Frida examples☆2,521Nov 29, 2024Updated last year
- Awesome Frida - A curated list of Frida resources http://www.frida.re/ (https://github.com/frida/frida)☆3,442Apr 10, 2026Updated last week
- A collection of android security related resources☆9,340Apr 8, 2026Updated last week
- Android Kernel Exploitation☆644Feb 13, 2022Updated 4 years ago
- Mobile Edge-Dynamic Unified Security Analysis☆2,218Apr 10, 2026Updated last week
- A curated list of Android Security materials and resources For Pentesters and Bug Hunters☆1,887Mar 3, 2026Updated last month
- The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application pen…☆5,179Feb 8, 2024Updated 2 years ago
- Wordpress hosting with auto-scaling - Free Trial • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- The OWASP Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse enginee…☆12,822Updated this week
- Vulnerable Android application for developers and security enthusiasts to learn about Android insecurities☆1,430Apr 17, 2024Updated 2 years ago
- some vul☆790Apr 25, 2025Updated 11 months ago
- there are some CTF challenges or some other things helping improving android reversing skills.☆76Feb 27, 2019Updated 7 years ago
- A collection of my Frida instrumentation scripts to reverse engineer mobile apps and more.☆1,589Mar 19, 2026Updated 3 weeks ago
- A Frida based tool that traces usage of the JNI API in Android apps.☆1,826Jul 18, 2023Updated 2 years ago
- ☆668Oct 31, 2022Updated 3 years ago
- A repository for learning various heap exploitation techniques.☆8,584Mar 26, 2026Updated 3 weeks ago
- Here record some tips about pwn. Something is obsoleted and won't be updated. Sorry about that.☆1,822Jun 8, 2019Updated 6 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- A runtime mobile application analysis toolkit with a Web GUI, powered by Frida, written in Python.☆1,461Jun 3, 2021Updated 4 years ago
- DIVA Android - Damn Insecure and vulnerable App for Android☆1,096May 19, 2023Updated 2 years ago
- Android App Security Checklist☆890Aug 27, 2022Updated 3 years ago
- ☆354Aug 29, 2024Updated last year
- The new bridge between Burp Suite and Frida!☆1,864Oct 30, 2025Updated 5 months ago
- awesome list of browser exploitation tutorials☆2,276Sep 18, 2023Updated 2 years ago
- Android Application Identifier for Packers, Protectors, Obfuscators and Oddities - PEiD for Android☆2,458Apr 10, 2026Updated last week
- Radare2 and Frida better together.☆1,394Updated this week
- [Official] Android reverse engineering tool focused on dynamic instrumentation automation leveraging Frida. It disassembles dex, analyzes…☆1,124Feb 2, 2023Updated 3 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- 📱 objection - runtime mobile exploration☆9,017Mar 25, 2026Updated 3 weeks ago
- Created by High-Tech Bridge, the Purposefully Insecure and Vulnerable Android Application (PIVAA) replaces outdated DIVA for benchmark of…☆106May 27, 2020Updated 5 years ago
- A collection of reverse engineering challenges for learning about the Android operating system and mobile security.☆373Nov 15, 2020Updated 5 years ago
- A collection of links related to Linux kernel security and exploitation☆6,399Mar 7, 2026Updated last month
- A curated list of fuzzing resources ( Books, courses - free and paid, videos, tools, tutorials and vulnerable applications to practice on…☆5,796Apr 3, 2024Updated 2 years ago
- Mobile security trainings based on android☆106Nov 12, 2020Updated 5 years ago
- A collection of vulnerable ARM binaries for practicing exploit development☆946Nov 15, 2021Updated 4 years ago