This is a curated list of mobile based CTFs, write-ups and vulnerable apps. Most of them are android based due to the popularity of the platform.
☆1,149Jun 26, 2022Updated 3 years ago
Alternatives and similar repositories for awesome-mobile-CTF
Users that are interested in awesome-mobile-CTF are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- A big list of Android Hackerone disclosed reports and other resources.☆1,692Sep 10, 2025Updated 9 months ago
- Mobile CTF Solutions☆213Mar 29, 2021Updated 5 years ago
- Oversecured Vulnerable Android App☆746Jul 18, 2024Updated last year
- This experimetal fuzzer is meant to be used for API in-memory fuzzing.☆578Jun 22, 2020Updated 5 years ago
- Runtime Mobile Security (RMS) 📱🔥 - is a powerful web interface that helps you to manipulate Android and iOS Apps at Runtime☆3,021Mar 28, 2026Updated 2 months ago
- End-to-end encrypted email - Proton Mail • AdSpecial offer: 40% Off Yearly / 80% Off First Month. All Proton services are open source and independently audited for security.
- Android security workshop material taught during the CyberTruck Challenge 2019 (Detroit USA).☆106Aug 17, 2021Updated 4 years ago
- A vulnerable Android application that shows simple examples of vulnerabilities in a ctf style.☆751Jun 25, 2021Updated 4 years ago
- Hand-crafted Frida examples☆2,524Nov 29, 2024Updated last year
- Awesome Frida - A curated list of Frida resources http://www.frida.re/ (https://github.com/frida/frida)☆3,470Apr 10, 2026Updated 2 months ago
- A collection of android security related resources�☆9,470Updated this week
- Android Kernel Exploitation☆646Feb 13, 2022Updated 4 years ago
- Mobile Edge-Dynamic Unified Security Analysis☆2,278May 19, 2026Updated 3 weeks ago
- A curated list of Android Security materials and resources For Pentesters and Bug Hunters☆1,908Mar 3, 2026Updated 3 months ago
- The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application pen…☆5,206Feb 8, 2024Updated 2 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- The OWASP Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse enginee…☆12,957Updated this week
- some vul☆796Apr 25, 2025Updated last year
- there are some CTF challenges or some other things helping improving android reversing skills.☆76Feb 27, 2019Updated 7 years ago
- Vulnerable Android application for developers and security enthusiasts to learn about Android insecurities☆1,446Apr 17, 2024Updated 2 years ago
- A collection of my Frida instrumentation scripts to reverse engineer mobile apps and more.☆1,620Mar 19, 2026Updated 2 months ago
- A Frida based tool that traces usage of the JNI API in Android apps.☆1,847Jul 18, 2023Updated 2 years ago
- ☆682Oct 31, 2022Updated 3 years ago
- A repository for learning various heap exploitation techniques.☆8,700May 15, 2026Updated last month
- A runtime mobile application analysis toolkit with a Web GUI, powered by Frida, written in Python.☆1,464Jun 3, 2021Updated 5 years ago
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- Here record some tips about pwn. Something is obsoleted and won't be updated. Sorry about that.☆1,827Jun 8, 2019Updated 7 years ago
- Android App Security Checklist☆894Aug 27, 2022Updated 3 years ago
- ☆356Aug 29, 2024Updated last year
- DIVA Android - Damn Insecure and vulnerable App for Android☆1,116May 19, 2023Updated 3 years ago
- The new bridge between Burp Suite and Frida!☆1,879Oct 30, 2025Updated 7 months ago
- awesome list of browser exploitation tutorials☆2,282Sep 18, 2023Updated 2 years ago
- Android Application Identifier for Packers, Protectors, Obfuscators and Oddities - PEiD for Android☆2,518May 21, 2026Updated 3 weeks ago
- Radare2 and Frida better together.☆1,420Updated this week
- [Official] Android reverse engineering tool focused on dynamic instrumentation automation leveraging Frida. It disassembles dex, analyzes…☆1,132Jun 1, 2026Updated 2 weeks ago
- GPUs on demand by Runpod - Special Offer Available • AdRun AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
- 📱 objection - runtime mobile exploration☆9,209Jun 2, 2026Updated 2 weeks ago
- Created by High-Tech Bridge, the Purposefully Insecure and Vulnerable Android Application (PIVAA) replaces outdated DIVA for benchmark of…☆106May 27, 2020Updated 6 years ago
- A collection of reverse engineering challenges for learning about the Android operating system and mobile security.☆374Nov 15, 2020Updated 5 years ago
- A collection of links related to Linux kernel security and exploitation☆6,493May 29, 2026Updated 2 weeks ago
- A curated list of fuzzing resources ( Books, courses - free and paid, videos, tools, tutorials and vulnerable applications to practice on…☆5,844Apr 3, 2024Updated 2 years ago
- Mobile security trainings based on android☆105Nov 12, 2020Updated 5 years ago
- A collection of vulnerable ARM binaries for practicing exploit development☆949Nov 15, 2021Updated 4 years ago