Can this skill help with both Android and iOS apps?

Yes, it includes specialized commands and workflows for both Android (ADB, APKTool, JADX) and iOS (Frida, Objection, Keychain dumper).

How does it assist with network traffic analysis?

It provides guidance on setting up proxy tools like Burp Suite and mitmproxy to intercept and analyze encrypted mobile application traffic.

Does it provide scripts for bypassing security controls?

Absolutely. It includes patterns for bypassing SSL pinning and root/jailbreak detection using Frida and other runtime instrumentation tools.

Can it help with static analysis of mobile binaries?

Yes, it offers workflows for decompiling binaries, searching for sensitive strings, and auditing configuration files like AndroidManifest.xml and Info.plist.

Does it support automated vulnerability scanning?

While it focuses on manual and semi-automated expert workflows, it provides integration commands for tools like MobSF (Mobile Security Framework).

Mobile App Pentesting

Name: Mobile App Pentesting
Author: trilwu

bytrilwu

0•

보안 및 테스팅

Conducts comprehensive security audits and penetration testing for Android and iOS mobile applications.

This skill transforms Claude Code into a specialized security assistant for mobile application assessments. It provides deep technical guidance for both Android and iOS platforms, covering static analysis such as decompilation and manifest audits, dynamic analysis using tools like Frida and Objection, and specialized techniques like SSL pinning bypass and root/jailbreak detection. Whether you are analyzing APK/IPA files, intercepting network traffic with Burp Suite, or investigating insecure data storage in keychains or databases, this skill offers the specific commands and implementation patterns needed to identify and exploit mobile-specific vulnerabilities effectively.

주요 기능

01Traffic interception setup for Burp Suite and mitmproxy on mobile devices

02Android APK decompilation, manifest auditing, and repackaging workflows

03Dynamic instrumentation using Frida and Objection for runtime analysis

04Automated techniques for bypassing SSL pinning and root/jailbreak detection

050 GitHub stars

06iOS IPA analysis, binary decryption, and keychain auditing

사용 사례

01Professional penetration testers automating ADB and Frida commands during security assessments

02Mobile developers auditing their own apps for OWASP Mobile Top 10 vulnerabilities

03Security researchers performing bug bounty hunting on Android and iOS applications

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add trilwu/secskills mobile-pentesting

For use in Claude.ai and ChatGPT

Download Skill