Testing Tools

About the tools listed below

The OWASP MASTG includes many tools to assist you in executing test cases, allowing you to perform static analysis, dynamic analysis, network interception, etc. These tools are intended to help you perform your own assessments, rather than provide a conclusive result on the security status of an app. It's important to review the output of these tools carefully, as it can contain both false positives and false negatives.

These tools have been tested to work when added, but compatibility may vary depending on your OS version, the device you're testing, or whether you're using a rooted or jailbroken device. Tool functionality may also be affected by specific versions of the rooting/jailbreaking method or the tool itself. OWASP MASTG does not guarantee the functionality of the tools. If you encounter problems, try to search for solutions online or contact the tool owner (e.g. via GitHub Issues).

Before proposing a new tool via GitHub Issues/Pull Requests, please check our contribution guidelines.

ID Name Platform Used in Used in Demos Status
MASTG-TOOL-0143 badssl platform:network 3 MASTG-DEMO 3 currentstatus:current
MASTG-TOOL-0109 Nope-Proxy platform:network unusedUnused 0 currentstatus:current
MASTG-TOOL-0078 MITM Relay platform:network 1 MASTG-TEST 0 currentstatus:current
MASTG-TOOL-0076 bettercap platform:network 2 MASTG-TECH 0 currentstatus:current
MASTG-TOOL-0079 ZAP platform:network 3 MASTG-TECH
6 MASTG-TEST		 0 currentstatus:current
MASTG-TOOL-0075 Android tcpdump platform:network 1 MASTG-TECH 0 currentstatus:current
MASTG-TOOL-0115 HTTP Toolkit platform:network unusedUnused 0 currentstatus:current
MASTG-TOOL-0080 tcpdump platform:network 2 MASTG-TECH 0 currentstatus:current
MASTG-TOOL-0077 Burp Suite platform:network 7 MASTG-TECH
5 MASTG-TEST		 0 currentstatus:current
MASTG-TOOL-0081 Wireshark platform:network 3 MASTG-TECH
2 MASTG-TEST		 0 currentstatus:current
MASTG-TOOL-0097 mitmproxy platform:network 2 MASTG-TECH
1 MASTG-DEMO
2 MASTG-TEST		 1 currentstatus:current
MASTG-TOOL-0123 apksigner platform:android 1 MASTG-TECH
1 MASTG-KNOW		 0 currentstatus:current
MASTG-TOOL-0010 APKLab platform:android unusedUnused 0 currentstatus:current
MASTG-TOOL-0006 Android SDK platform:android unusedUnused 0 currentstatus:current
MASTG-TOOL-0029 objection for Android platform:android 1 MASTG-TECH
1 MASTG-TEST		 0 currentstatus:current
MASTG-TOOL-0009 APKiD platform:android 1 MASTG-KNOW
1 MASTG-TEST		 0 currentstatus:current
MASTG-TOOL-0020 JustTrustMe platform:android unusedUnused 0 currentstatus:current
MASTG-TOOL-0124 aapt2 platform:android 2 MASTG-TECH
1 MASTG-TEST		 0 currentstatus:current
MASTG-TOOL-0001 Frida for Android platform:android 2 MASTG-TECH
7 MASTG-DEMO
10 MASTG-TEST		 7 currentstatus:current
MASTG-TOOL-0002 MobSF for Android platform:android unusedUnused 0 currentstatus:current
MASTG-TOOL-0016 gplaycli platform:android 1 MASTG-TECH 0 currentstatus:current
MASTG-TOOL-0011 Apktool platform:android 3 MASTG-TECH
1 MASTG-TEST		 0 currentstatus:current
MASTG-TOOL-0116 Blutter platform:android unusedUnused 0 currentstatus:current
MASTG-TOOL-0005 Android NDK platform:android unusedUnused 0 currentstatus:current
MASTG-TOOL-0025 SSLUnpinning platform:android 1 MASTG-TECH 0 currentstatus:current
MASTG-TOOL-0107 JNITrace platform:android unusedUnused 0 currentstatus:current
MASTG-TOOL-0140 frida-multiple-unpinning platform:android 1 MASTG-TECH 0 currentstatus:current
MASTG-TOOL-0017 House platform:android unusedUnused 0 currentstatus:current
MASTG-TOOL-0015 drozer platform:android unusedUnused 0 currentstatus:current
MASTG-TOOL-0120 ProxyDroid platform:android 1 MASTG-TECH 0 currentstatus:current
MASTG-TOOL-0022 Proguard platform:android 1 MASTG-TECH
1 MASTG-KNOW
2 MASTG-TEST		 0 currentstatus:current
MASTG-TOOL-0023 RootCloak Plus platform:android unusedUnused 0 deprecatedstatus:deprecated
MASTG-TOOL-0028 radare2 for Android platform:android 2 MASTG-TECH
1 MASTG-KNOW		 0 currentstatus:current
MASTG-TOOL-0146 RootBeer platform:android 1 MASTG-KNOW 0 currentstatus:current
MASTG-TOOL-0112 pidcat platform:android unusedUnused 0 currentstatus:current
MASTG-TOOL-0103 uber-apk-signer platform:android 1 MASTG-TECH 0 currentstatus:current
MASTG-TOOL-0021 Magisk platform:android 1 MASTG-TECH 0 currentstatus:current
MASTG-TOOL-0008 Android-SSL-TrustKiller platform:android unusedUnused 0 currentstatus:current
MASTG-TOOL-0007 Android Studio platform:android 3 MASTG-TECH 0 currentstatus:current
MASTG-TOOL-0130 blint platform:android 1 MASTG-TECH 0 currentstatus:current
MASTG-TOOL-0099 FlowDroid platform:android 1 MASTG-TECH 0 currentstatus:current
MASTG-TOOL-0148 apkeep platform:android 1 MASTG-TECH 0 currentstatus:current
MASTG-TOOL-0014 Bytecode Viewer platform:android 1 MASTG-TECH 0 currentstatus:current
MASTG-TOOL-0013 Busybox platform:android 1 MASTG-TECH 0 currentstatus:current
MASTG-TOOL-0018 jadx platform:android 5 MASTG-TECH
4 MASTG-TEST		 0 currentstatus:current
MASTG-TOOL-0004 adb platform:android 12 MASTG-TECH
3 MASTG-KNOW
3 MASTG-DEMO
3 MASTG-TEST		 3 currentstatus:current
MASTG-TOOL-0024 Scrcpy platform:android unusedUnused 0 currentstatus:current
MASTG-TOOL-0012 apkx platform:android unusedUnused 0 currentstatus:current
MASTG-TOOL-0003 nm - Android platform:android 1 MASTG-TECH 0 currentstatus:current
MASTG-TOOL-0125 Apkleaks platform:android 1 MASTG-TECH 0 currentstatus:current
MASTG-TOOL-0147 Android RASP platform:android 1 MASTG-KNOW 0 currentstatus:current
MASTG-TOOL-0027 Xposed platform:android 1 MASTG-KNOW
1 MASTG-TEST		 0 currentstatus:current
MASTG-TOOL-0030 Angr platform:android 2 MASTG-TECH 0 currentstatus:current
MASTG-TOOL-0019 jdb platform:android unusedUnused 0 currentstatus:current
MASTG-TOOL-0026 Termux platform:android 1 MASTG-TECH 0 currentstatus:current
MASTG-TOOL-0104 hermes-dec platform:generic unusedUnused 0 currentstatus:current
MASTG-TOOL-0133 Visual Studio Code (vscode) platform:generic 2 MASTG-TECH
1 MASTG-DEMO		 1 currentstatus:current
MASTG-TOOL-0110 semgrep platform:generic 2 MASTG-TECH
27 MASTG-DEMO
10 MASTG-TEST		 27 currentstatus:current
MASTG-TOOL-0031 Frida platform:generic 4 MASTG-TEST 0 currentstatus:current
MASTG-TOOL-0035 MobSF platform:generic 4 MASTG-TECH
3 MASTG-TEST		 0 currentstatus:current
MASTG-TOOL-0129 rabin2 platform:generic 8 MASTG-TECH
1 MASTG-DEMO
8 MASTG-TEST		 1 currentstatus:current
MASTG-TOOL-0106 Fridump platform:generic 2 MASTG-TECH
2 MASTG-TEST		 0 currentstatus:current
MASTG-TOOL-0108 Corellium platform:generic unusedUnused 0 currentstatus:current
MASTG-TOOL-0145 Frooky platform:generic 5 MASTG-DEMO 5 currentstatus:current
MASTG-TOOL-0131 dependency-check platform:generic 2 MASTG-TECH
2 MASTG-DEMO
2 MASTG-TEST		 2 currentstatus:current
MASTG-TOOL-0134 cdxgen platform:generic 2 MASTG-TECH
1 MASTG-DEMO		 1 currentstatus:current
MASTG-TOOL-0032 Frida CodeShare platform:generic 1 MASTG-TECH
2 MASTG-TEST		 0 currentstatus:current
MASTG-TOOL-0037 RMS Runtime Mobile Security platform:generic 1 MASTG-TECH
3 MASTG-TEST		 0 currentstatus:current
MASTG-TOOL-0132 dependency-track platform:generic 2 MASTG-TECH
2 MASTG-DEMO
2 MASTG-TEST		 2 currentstatus:current
MASTG-TOOL-0100 reFlutter platform:generic 2 MASTG-TECH 0 currentstatus:current
MASTG-TOOL-0034 LIEF platform:generic 1 MASTG-TECH 0 currentstatus:current
MASTG-TOOL-0144 gitleaks platform:generic 1 MASTG-DEMO 1 currentstatus:current
MASTG-TOOL-0098 iaito platform:generic 1 MASTG-TECH 0 currentstatus:current
MASTG-TOOL-0033 Ghidra platform:generic 1 MASTG-TECH 0 currentstatus:current
MASTG-TOOL-0101 disable-flutter-tls-verification platform:generic 2 MASTG-TECH 0 currentstatus:current
MASTG-TOOL-0038 objection platform:generic 8 MASTG-TECH
1 MASTG-KNOW
9 MASTG-TEST		 0 currentstatus:current
MASTG-TOOL-0036 r2frida platform:generic 3 MASTG-TECH
1 MASTG-KNOW
2 MASTG-TEST		 0 currentstatus:current
MASTG-TOOL-0042 BinaryCookieReader platform:ios unusedUnused 0 currentstatus:current
MASTG-TOOL-0121 objdump - iOS platform:ios 1 MASTG-TECH
1 MASTG-KNOW		 0 currentstatus:current
MASTG-TOOL-0049 Frida-cycript platform:ios unusedUnused 0 currentstatus:current
MASTG-TOOL-0069 Usbmuxd platform:ios 1 MASTG-TECH 0 currentstatus:current
MASTG-TOOL-0066 SSL Kill Switch 3 platform:ios 1 MASTG-TEST 0 currentstatus:current
MASTG-TOOL-0064 Sileo platform:ios 1 MASTG-TECH 0 currentstatus:current
MASTG-TOOL-0141 IOSSecuritySuite platform:ios 1 MASTG-KNOW 0 currentstatus:current
MASTG-TOOL-0074 objection for iOS platform:ios 9 MASTG-TECH
1 MASTG-KNOW		 0 currentstatus:current
MASTG-TOOL-0070 Xcode platform:ios 2 MASTG-TECH
2 MASTG-DEMO		 2 currentstatus:current
MASTG-TOOL-0062 Plutil platform:ios 1 MASTG-TECH 0 currentstatus:current
MASTG-TOOL-0118 Sideloadly platform:ios 4 MASTG-TECH 0 currentstatus:current
MASTG-TOOL-0043 class-dump platform:ios unusedUnused 0 currentstatus:current
MASTG-TOOL-0071 Xcode Command Line Tools platform:ios 1 MASTG-TECH 0 currentstatus:current
MASTG-TOOL-0072 xcrun platform:ios 1 MASTG-TECH 0 currentstatus:current
MASTG-TOOL-0060 otool platform:ios 2 MASTG-TECH
1 MASTG-TEST		 0 currentstatus:current
MASTG-TOOL-0050 Frida-ios-dump platform:ios 1 MASTG-TECH 0 currentstatus:current
MASTG-TOOL-0068 SwiftShield platform:ios 1 MASTG-KNOW 0 currentstatus:current
MASTG-TOOL-0102 ios-app-signer platform:ios 1 MASTG-TECH 0 currentstatus:current
MASTG-TOOL-0105 ipsw platform:ios 2 MASTG-TECH 0 currentstatus:current
MASTG-TOOL-0138 ipainstaller platform:ios 3 MASTG-TECH 0 currentstatus:current
MASTG-TOOL-0048 dsdump platform:ios unusedUnused 0 currentstatus:current
MASTG-TOOL-0045 class-dump-dyld platform:ios unusedUnused 0 currentstatus:current
MASTG-TOOL-0040 MobSF for iOS platform:ios unusedUnused 0 currentstatus:current
MASTG-TOOL-0041 nm - iOS platform:ios 1 MASTG-TECH 0 currentstatus:current
MASTG-TOOL-0136 plistlib platform:ios 2 MASTG-TECH 0 currentstatus:current
MASTG-TOOL-0058 MachoOView platform:ios unusedUnused 0 currentstatus:current
MASTG-TOOL-0111 ldid platform:ios 2 MASTG-TECH 0 currentstatus:current
MASTG-TOOL-0137 GlobalWebInspect platform:ios 1 MASTG-TECH
1 MASTG-KNOW		 0 currentstatus:current
MASTG-TOOL-0142 Choicy platform:ios unusedUnused 0 currentstatus:current
MASTG-TOOL-0127 AppSync Unified platform:ios 2 MASTG-TECH 0 currentstatus:current
MASTG-TOOL-0063 security platform:ios 1 MASTG-TECH 0 currentstatus:current
MASTG-TOOL-0135 PlistBuddy platform:ios 1 MASTG-TECH 0 currentstatus:current
MASTG-TOOL-0056 Keychain-Dumper platform:ios 1 MASTG-TECH 0 currentstatus:current
MASTG-TOOL-0053 iOSbackup platform:ios 1 MASTG-TEST 0 currentstatus:current
MASTG-TOOL-0073 radare2 for iOS platform:ios 4 MASTG-TECH
1 MASTG-KNOW
12 MASTG-DEMO
21 MASTG-TEST		 12 currentstatus:current
MASTG-TOOL-0061 Grapefruit platform:ios 5 MASTG-TECH 0 currentstatus:current
MASTG-TOOL-0039 Frida for iOS platform:ios 3 MASTG-TECH
7 MASTG-DEMO
6 MASTG-TEST		 7 currentstatus:current
MASTG-TOOL-0128 Filza platform:ios 1 MASTG-TECH 0 currentstatus:current
MASTG-TOOL-0139 ElleKit platform:ios 1 MASTG-TECH
1 MASTG-TEST		 0 currentstatus:current
MASTG-TOOL-0057 lldb platform:ios 1 MASTG-TECH 0 currentstatus:current
MASTG-TOOL-0051 gdb platform:ios unusedUnused 0 currentstatus:current
MASTG-TOOL-0126 libimobiledevice suite platform:ios 3 MASTG-TECH
1 MASTG-DEMO		 1 currentstatus:current
MASTG-TOOL-0054 ios-deploy platform:ios 3 MASTG-TECH 0 currentstatus:current
MASTG-TOOL-0044 class-dump-z platform:ios unusedUnused 0 currentstatus:current
MASTG-TOOL-0055 iproxy platform:ios 3 MASTG-TECH 0 currentstatus:current
MASTG-TOOL-0047 Cydia platform:ios 2 MASTG-TECH
1 MASTG-KNOW		 0 deprecatedstatus:deprecated
MASTG-TOOL-0122 c++filt platform:ios 1 MASTG-TECH 0 currentstatus:current
MASTG-TOOL-0067 swift-demangle platform:ios 1 MASTG-TECH 0 currentstatus:current
MASTG-TOOL-0065 simctl platform:ios unusedUnused 0 currentstatus:current
MASTG-TOOL-0117 fastlane platform:ios 1 MASTG-TECH 0 currentstatus:current
MASTG-TOOL-0059 optool platform:ios 1 MASTG-TECH 0 currentstatus:current
MASTG-TOOL-0046 Cycript platform:ios unusedUnused 0 deprecatedstatus:deprecated
MASTG-TOOL-0114 codesign platform:ios 4 MASTG-TECH
1 MASTG-TEST		 0 currentstatus:current