ClaudeWave
Skill · 282 repo stars · updated yesterday

pentest-mobile-app

The pentest-mobile-app skill provides structured methodologies for testing Android and iOS applications against OWASP Mobile Top 10 vulnerabilities, including static binary analysis, insecure local storage detection, certificate pinning bypass, inter-process communication exploitation, and binary protection assessment. Use this skill when conducting authorized security assessments of mobile applications with proper written scope and access to APK/IPA files or test devices.

Install in Claude Code
git clone --depth 1 https://github.com/jd-opensource/JoySafeter /tmp/pentest-mobile-app && cp -r /tmp/pentest-mobile-app/skills/pentest-mobile-app ~/.claude/skills/pentest-mobile-app
Then open a new Claude Code session; the skill loads automatically.

SKILL.md

# Pentest Mobile App

## Purpose
Mobile apps are not covered by Shannon (web-only) or by any existing skill. Mobile apps often share backend APIs but introduce their own attack surfaces: local storage, certificate pinning, intent handling, and binary protections.

## Prerequisites

### Authorization Requirements
- **Written authorization** with mobile app testing scope
- **APK/IPA files** or access to app store downloads
- **Test devices** or emulators (rooted Android, jailbroken iOS preferred)
- **Backend API documentation** if available

### Environment Setup
- Frida for runtime instrumentation
- Objection for quick mobile security testing
- MobSF for automated static/dynamic analysis
- jadx for Android decompilation, Hopper for iOS
- Burp Suite configured as mobile proxy

## Core Workflow
1. **Static Analysis**: Decompile APK/IPA, analyze for hardcoded secrets, insecure storage patterns, weak crypto, exported components, debug flags.
2. **Insecure Data Storage**: Check SharedPreferences/Keychain for sensitive data, SQLite DBs, log files, clipboard exposure, backup extraction.
3. **Certificate Pinning Bypass**: Use Frida/Objection to disable pinning, intercept HTTPS traffic, test HTTP fallback.
4. **Auth & Session on Mobile**: Token storage security, biometric bypass, session timeout, deep link auth bypass.
5. **IPC Testing**: Exported Activities/Services/BroadcastReceivers (Android), URL scheme hijacking (iOS), intent injection, custom URI handler abuse.
6. **Binary Protections**: Root/jailbreak detection bypass, anti-tampering bypass, code obfuscation assessment, runtime manipulation via Frida.
7. **Mobile-Context API Testing**: APIs trusting mobile client-side validation, device-ID spoofing, push notification token abuse.
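
A static check for the manifest-level items named in steps 1, 2 and 5 (debug flag, backup extraction, exported components), added here as an example and not part of the skill's own files. It assumes a text-form `AndroidManifest.xml` as a decompiler emits it; the sample manifest, package name and function names are constructed for illustration.

```python
import xml.etree.ElementTree as ET

A = "{http://schemas.android.com/apk/res/android}"
COMPONENTS = ("activity", "activity-alias", "service", "receiver", "provider")

# Constructed sample manifest (decoded text form, not taken from a real app).
SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.constructed">
  <application android:debuggable="true">
    <activity android:name=".MainActivity" android:exported="true">
      <intent-filter><action android:name="android.intent.action.MAIN"/>
        <category android:name="android.intent.category.LAUNCHER"/>
      </intent-filter></activity>
    <activity android:name=".ResetPasswordActivity" android:exported="true"/>
    <service android:name=".SyncService">
      <intent-filter><action android:name="com.example.constructed.SYNC"/></intent-filter>
    </service>
    <receiver android:name=".AdminReceiver" android:exported="true"
              android:permission="com.example.constructed.ADMIN"/>
    <provider android:name=".NotesProvider" android:exported="false"/>
  </application>
</manifest>"""

def is_launcher(comp):
    """True for the MAIN/LAUNCHER entry point, which has to be exported."""
    cats = {c.get(A + "name") for c in comp.iter("category")}
    return "android.intent.category.LAUNCHER" in cats

def audit_manifest(xml_text):
    """Return (severity, finding) tuples for a decoded AndroidManifest.xml."""
    app = ET.fromstring(xml_text).find("application")
    findings = []
    if app.get(A + "debuggable") == "true":
        findings.append(("high", "application is debuggable"))
    if app.get(A + "allowBackup", "true") == "true":  # absent means enabled
        findings.append(("medium", "allowBackup is enabled"))
    for comp in (c for tag in COMPONENTS for c in app.iter(tag)):
        name, explicit = comp.get(A + "name"), comp.get(A + "exported")
        has_filter = comp.find("intent-filter") is not None
        exported = explicit == "true" or (explicit is None and has_filter)  # pre-Android 12 default
        if not exported or is_launcher(comp) or comp.get(A + "permission"):
            continue  # not reachable by other apps, required entry point, or permission-gated
        how = "explicit attribute" if explicit else "implied by intent-filter"
        findings.append(("medium", f"{name} is exported ({how}) with no permission"))
    return findings

if __name__ == "__main__":
    for severity, finding in audit_manifest(SAMPLE_MANIFEST):
        print(f"[{severity}] {finding}")
```

Each reported component still needs manual review: a permission attribute only helps if its protection level is restrictive, and provider `readPermission`/`writePermission` are not evaluated here.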

## Tool Categories

| Category | Tools | Purpose |
|----------|-------|---------|
| Runtime Instrumentation | Frida, Objection | Hook functions, bypass protections |
| Static Analysis | MobSF, jadx, Hopper | Decompile and analyze binaries |
| Traffic Interception | Burp Suite, mitmproxy | HTTPS interception with pinning bypass |
| Android Testing | adb, drozer | Component testing, IPC analysis |
| iOS Testing | Objection, cycript | Runtime manipulation, keychain dump |

## References
- `references/tools.md` - Tool function signatures and parameters
- `references/workflows.md` - Attack pattern definitions and test vectors