OpenSecAtlas
OPENSECATLAS
11/12 free views
Tool
CLI
Mobile Security

objection

by sensepost

8.6Kstars
936forks
154watchers
Updated 5 months ago
About

Objection is a runtime mobile exploration toolkit that enables security assessment of mobile apps without requiring a jailbreak, powered by Frida.

📱 objection - runtime mobile exploration

Primary Use Case

This tool is primarily used by mobile security professionals and penetration testers to analyze and manipulate iOS and Android applications at runtime. It allows users to bypass security controls, inspect app internals, and perform memory analysis to identify vulnerabilities and security weaknesses without needing a jailbroken or rooted device.

Key Features
  • Supports both iOS and Android platforms
  • Inspect and interact with container file systems
  • Bypass SSL pinning to intercept network traffic
  • Dump keychains to extract stored credentials
  • Perform memory tasks such as dumping and patching
  • Explore and manipulate objects on the heap
  • No jailbreak or root required for usage

Installation

  • Run `pip3 install objection` to install the tool
  • Use `pip3 install --upgrade objection` to update an existing installation
  • Refer to the official wiki for detailed installation instructions

Usage

>_ objection

Launches the objection CLI for runtime mobile exploration

Security Frameworks
Reconnaissance
Defense Evasion
Credential Access
Discovery
Collection
Usage Insights
  • Integrate objection with automated mobile app CI/CD pipelines to detect security regressions early.
  • Use objection during red team engagements to bypass SSL pinning and extract credentials for lateral movement.
  • Leverage objection's no-jailbreak/root requirement to perform stealthy runtime analysis in production-like environments.
  • Combine objection with dynamic instrumentation frameworks like Frida for advanced memory manipulation and patching.
  • Incorporate objection findings into blue team threat hunting to improve detection of runtime tampering and bypass attempts.

Docs Take 2 Hours. AI Takes 10 Seconds.

Ask anything about objection. Installation? Config? Troubleshooting? Get answers trained on real docs and GitHub issues—not generic ChatGPT fluff.

3 free chats per tool • Instant responses • No credit card

Security Profile
Red Team90%
Blue Team30%
Purple Team60%
Details
LicenseGNU General Public License v3.0
LanguagePython
Open Issues576
Topics
mobile
pentest
framework
ios
instrumentation
frida
security
android

Related Tools

Mobile-Security-Framework-MobSF icon

Mobile-Security-Framework-MobSF

MobSF/Mobile-Security-Framework-MobSF

Framework

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.

20.5K
about 1 month ago
mastg icon

mastg

OWASP/mastg

Documentation

The OWASP Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes technical processes for verifying the OWASP Mobile Security Weakness Enumeration (MASWE) weaknesses, which are in alignment with the OWASP MASVS.

12.7K
3 months ago
android-security-awesome icon

android-security-awesome

ashishb/android-security-awesome

Documentation

A collection of android security related resources

9.1K
3 months ago
lamda icon

lamda

firerpa/lamda

Framework

The most powerful Android RPA agent framework, next generation of mobile automation robots.

7.5K
3 months ago
drozer icon

drozer

ReversecLabs/drozer

Framework

The Leading Security Assessment Framework for Android.

4.4K
3 months ago
APKiD icon

APKiD

rednaga/APKiD

Tool

Android Application Identifier for Packers, Protectors, Obfuscators and Oddities - PEiD for Android

2.3K
5 months ago