بررسی و آنالیز برنامه اندروید

برای بررسی سریع برنامه‌های موبایل بخصوص در اندروید روش‌های مختلفی وجود دارد. آنالیز استاتیک یا داینامیک برنامه‌های APK علاوه بر بررسی‌های امنیتی و تکنولوژی‌های مورد استفاده برنامه‌های اندروید، میتونه روش سریعی باشه برای پیدا کردن SDKهای استفاده شده در برنامه‌ها، بخصوص برای فعالیت‌های بازاریابی و Digital Marketing. من معمولا از این سه سرویس آنلاین برای […]

بررسی و آنالیز برنامه اندروید Read More »


theHarvester is a tool for gathering e-mail accounts, user names and hostnames/subdomains from different public sources. It’s a really simple tool, but very effective.

theHarvester Read More »


SEAT (Search Engine Assessment Tool) is the next generation information digging application geared toward the needs of security professionals. SEAT uses information stored in search engine databases, cache repositories, and other public resources to scan a site for potential vulnerabilities. It’s multi-threaded, multi-database, and multi-search-engine capabilities permit easy navigation through vast amounts of information with

SEAT Read More »


tcptraceroute is a traceroute implementation using TCP packets. The more traditional traceroute(8) sends out either UDP or ICMP ECHO packets with a TTL of one, and increments the TTL until the destination has been reached. By printing the gateways that generate ICMP time exceeded messages along the way, it is able to determine the path

tcptraceroute Read More »


TCtrace is like itrace a traceroute(1) brother – but it uses TCP SYN packets to trace. This makes it possible for you to trace through firewalls if you know one TCP service that is allowed to pass from the outside.

tctrace Read More »


Protos is a IP protocol scanner. It goes through all possible IP protocols and uses a negative scan to sort out unsupported protocols which should be reported by the target using ICMP protocol unreachable messages.

protos Read More »


netenum can be used to produce lists of hosts for other programs. It’s not as powerful as other ping-sweep tools, but it’s simple. When giving a timeout, it uses ICMP echo request to find available hosts. If you don’t supply a timeout, it just prints an IP address per line, so you can use them

netenum Read More »


Metagoofil is an information gathering tool designed for extracting metadata of public documents (pdf,doc,xls,ppt,odp,ods) availables in the target/victim websites.

metagoofil Read More »


Maltego is an open source intelligence and forensics application. It will offer you timous mining and gathering of information as well as the representation of this information in a easy to understand format.

Maltego Read More »


lbd (load balancing detector) detects if a given domain uses DNS and/or HTTP Load-Balancing (via Server: and Date: header and diffs between server answers).

lbd Read More »


Itrace is a program that implements traceroute(1) functionality using ICMP echo request packets. Therefore, it looks like you are just pinging your target while you traceroute there. It often helps tracing behind firewalls.

Itrace Read More »


Gooscan is a tool that automates queries against Google search appliances, but with a twist. These particular queries are designed to find potential vulnerabilities on web pages. Think “cgi scanner” that never communicates directly with the target web server, since all queries are answered by a Google appliance, not by the target itself.

gooscan Read More »


goorecon Ruby scritp for enumeration of hosts, subdomains and emails from a given domain using google. Writen for Backtrack 4

goorecon Read More »


Fierce Domain Scan First what Fierce is not. Fierce is not an IP scanner, it is not a DDoS tool, it is not designed to scan the whole internet or perform any un-targeted attacks. It is meant specifically to locate likely targets both inside and outside a corporate network. Only those targets are listed (unless

Fierce Read More »


dradis is a tool to help in the process of penetration testing. Penetration testing is about information: 1. Information discovery 2. Exploit useful information 3. Report the findings But penetration testing is also about sharing the information you and your teammates gather. Not sharing the information available in an effective way will result in exploitation

dradis Read More »

پیمایش به بالا