Ejecuta cualquier Skill en Manus
con un clic

Ejecuta cualquier Skill en Manus con un clic

mobile-overview

Estrellas4445

Forks878

Actualizado2 de junio de 2026, 21:04

Use when the engagement target is an Android (APK / AAB) or iOS (IPA) application. Covers static analysis (jadx, apktool, class-dump), dynamic instrumentation via Frida and Objection, SSL-pinning bypass, root/jailbreak detection bypass, deep-link / URL-scheme abuse, exported-component attacks, IPC redirection, WebView vulnerabilities, and biometric / Face ID / Touch ID bypass.

Instalación

Instalar con Codex o Claude Copia este prompt, pégalo en Codex, Claude u otro asistente, y deja que revise la página de la skill y la instale por ti.

Ejecutar en Manus

Fuente

PurpleAILAB

PurpleAILAB/Decepticon

Abrir repositorio de GitHub Ver repositorios del creador

Descarga

Ejecutar en Manus

Ocupaciones relacionadasSOC

Basado en la clasificación ocupacional SOC

Analistas de seguridad de la informaciónOcupaciones informáticas y matemáticas·SOC 15-1212

Explorador de archivos

5 archivos

SKILL.md

readonly

name	mobile-overview
description	>

Mobile Operator Skill Catalog

Mobile is 40% of modern bug-bounty programs and is conspicuously absent from Strix and XBOW commercial. This catalog covers both platforms with shared Frida tooling for runtime work.

Playbooks — Android

Skill	Use for
`/skills/standard/mobile/android/apk-triage/SKILL.md`	apktool decode + jadx -d for source recovery
`/skills/standard/mobile/android/manifest-analysis/SKILL.md`	exported components, permissions, deeplinks
`/skills/standard/mobile/android/insecure-storage/SKILL.md`	SharedPreferences / SQLite / external storage scans
`/skills/standard/mobile/android/intent-redirection/SKILL.md`	Intent forwarding / pendingIntent abuse
`/skills/standard/mobile/android/webview-flaws/SKILL.md`	JavaScriptInterface, file:// access, mixed content
`/skills/standard/mobile/android/frida-ssl-pin-bypass/SKILL.md`	OkHttp / TrustKit / Cordova pin-bypass scripts
`/skills/standard/mobile/android/root-detect-bypass/SKILL.md`	Common root-detection libraries and their bypasses

Playbooks — iOS

Skill	Use for
`/skills/standard/mobile/ios/ipa-triage/SKILL.md`	class-dump-z + Hopper; Mach-O headers; entitlements
`/skills/standard/mobile/ios/keychain-acl/SKILL.md`	Keychain ACL misconfigurations; `kSecAccessControl` flags
`/skills/standard/mobile/ios/url-scheme-abuse/SKILL.md`	Universal links + URL scheme handler attacks
`/skills/standard/mobile/ios/xpc-services/SKILL.md`	XPC interface enumeration; unauthenticated XPC services
`/skills/standard/mobile/ios/frida-trust-killer/SKILL.md`	SSL Kill Switch + Frida pin-bypass for iOS apps
`/skills/standard/mobile/ios/jailbreak-detect-bypass/SKILL.md`	DTAppJailbreakDetectorSwift, Liberty Lite, common patterns

Cross-platform

Skill	Use for
`/skills/standard/mobile/frida-bridge/SKILL.md`	frida-server install on emulator / jailbroken device; basic scripts
`/skills/standard/mobile/objection-walkthrough/SKILL.md`	Objection cheatsheet (env, memory, sqlite, classes)
`/skills/standard/mobile/firebase-misconfig/SKILL.md`	Firebase /Firestore RLS / Storage / Auth bypasses
`/skills/standard/mobile/mobile-api-testing/SKILL.md`	Burp / Caido proxy → mobile API endpoint enumeration

Workflow

Triage: jadx for Android, class-dump for iOS. Search strings for API endpoints, Firebase config, AWS keys.
Static: AndroidManifest.xml exported components; iOS Info.plist URL schemes + entitlements.
Dynamic setup: Frida server on a rooted emulator (Android) or jailbroken physical device (iOS); Objection for quick inspection.
SSL pin bypass: Frida script; verify HTTPS now visible in Burp.
API enumeration: re-route the app through the proxy; spider reachable endpoints; export to Burp project for later web-recon-style testing.
Insecure storage: pull /data/data/<pkg>/ (Android) or app container (iOS); grep for credentials, tokens, PII.
Component-level attacks: send crafted Intents (adb shell am start ...) or URL-scheme payloads (xcrun simctl openurl ...).

Tools sandbox

adb + emulator / physical device.
jadx, apktool, dex2jar, jd-gui.
class-dump, Hopper Disassembler, IDA Free (host-side).
Frida-server (per device), frida (host), objection.
mitmproxy / Burp Suite Community / Caido (PR #304 lands the LangChain Caido tool bundle).
MobSF (mobsf Docker image) for automated triage when speed matters.

Más de este repositorio

mismo repositorio

decepticon

PurpleAILAB/Decepticon

Drive Decepticon — an autonomous multi-agent red-team framework — over MCP to run authorized penetration tests and bug-bounty engagements end to end, then watch and steer them live from chat. Launch an engagement against a target, poll its transcript to narrate progress, send messages to refocus it, and pull findings as SARIF. Use when the user asks to run a pentest/red-team engagement, hunt a bug bounty, do recon, exploit/scan a host, web app, API, network, cloud, Active Directory, mobile app, or smart contract WITH Decepticon — or to check/resume a running engagement or report what Decepticon found. Triggers: run a decepticon engagement, pentest this with decepticon, bug bounty, recon this target, red team this, scan this host, resume the engagement, what did decepticon find, decepticon status. Do NOT use for ad-hoc local tool runs (running nmap/sqlmap/ffuf directly) when no Decepticon server is involved — this drives the Decepticon orchestrator, not raw tools.

2026-06-164.4k

iot-security

PurpleAILAB/Decepticon

IoT device security reconnaissance — firmware extraction, embedded analysis, protocol identification, default credential checking, vulnerability scanning, device fingerprinting.

2026-06-154.4k

mobile-security

PurpleAILAB/Decepticon

Mobile application security reconnaissance — APK/IPA analysis, permission enumeration, certificate validation, hardcoded secret detection, insecure storage identification, network security analysis.

2026-06-154.4k

wireless-security

PurpleAILAB/Decepticon

Wireless network security reconnaissance — WiFi analysis, Bluetooth assessment, RFID/NFC evaluation, signal capture, protocol analysis, encryption testing, rogue device detection.

2026-06-154.4k

finding-protocol

PurpleAILAB/Decepticon

Operational-tier finding template — minimal fields for sub-agent decision support. Heavyweight deliverable promotion lives in skills/decepticon/final-report.

2026-06-124.4k

engagement-lifecycle

PurpleAILAB/Decepticon

Red team engagement lifecycle management — initiation, phase transitions, go/no-go gates, deconfliction, emergency procedures, completion.

2026-06-124.4k

name	mobile-overview
description	>

Mobile Operator Skill Catalog

Mobile is 40% of modern bug-bounty programs and is conspicuously absent from Strix and XBOW commercial. This catalog covers both platforms with shared Frida tooling for runtime work.

Playbooks — Android

Skill	Use for
`/skills/standard/mobile/android/apk-triage/SKILL.md`	apktool decode + jadx -d for source recovery
`/skills/standard/mobile/android/manifest-analysis/SKILL.md`	exported components, permissions, deeplinks
`/skills/standard/mobile/android/insecure-storage/SKILL.md`	SharedPreferences / SQLite / external storage scans
`/skills/standard/mobile/android/intent-redirection/SKILL.md`	Intent forwarding / pendingIntent abuse
`/skills/standard/mobile/android/webview-flaws/SKILL.md`	JavaScriptInterface, file:// access, mixed content
`/skills/standard/mobile/android/frida-ssl-pin-bypass/SKILL.md`	OkHttp / TrustKit / Cordova pin-bypass scripts
`/skills/standard/mobile/android/root-detect-bypass/SKILL.md`	Common root-detection libraries and their bypasses

Playbooks — iOS

Skill	Use for
`/skills/standard/mobile/ios/ipa-triage/SKILL.md`	class-dump-z + Hopper; Mach-O headers; entitlements
`/skills/standard/mobile/ios/keychain-acl/SKILL.md`	Keychain ACL misconfigurations; `kSecAccessControl` flags
`/skills/standard/mobile/ios/url-scheme-abuse/SKILL.md`	Universal links + URL scheme handler attacks
`/skills/standard/mobile/ios/xpc-services/SKILL.md`	XPC interface enumeration; unauthenticated XPC services
`/skills/standard/mobile/ios/frida-trust-killer/SKILL.md`	SSL Kill Switch + Frida pin-bypass for iOS apps
`/skills/standard/mobile/ios/jailbreak-detect-bypass/SKILL.md`	DTAppJailbreakDetectorSwift, Liberty Lite, common patterns

Cross-platform

Skill	Use for
`/skills/standard/mobile/frida-bridge/SKILL.md`	frida-server install on emulator / jailbroken device; basic scripts
`/skills/standard/mobile/objection-walkthrough/SKILL.md`	Objection cheatsheet (env, memory, sqlite, classes)
`/skills/standard/mobile/firebase-misconfig/SKILL.md`	Firebase /Firestore RLS / Storage / Auth bypasses
`/skills/standard/mobile/mobile-api-testing/SKILL.md`	Burp / Caido proxy → mobile API endpoint enumeration

Workflow

Triage: jadx for Android, class-dump for iOS. Search strings for API endpoints, Firebase config, AWS keys.
Static: AndroidManifest.xml exported components; iOS Info.plist URL schemes + entitlements.
Dynamic setup: Frida server on a rooted emulator (Android) or jailbroken physical device (iOS); Objection for quick inspection.
SSL pin bypass: Frida script; verify HTTPS now visible in Burp.
API enumeration: re-route the app through the proxy; spider reachable endpoints; export to Burp project for later web-recon-style testing.
Insecure storage: pull /data/data/<pkg>/ (Android) or app container (iOS); grep for credentials, tokens, PII.
Component-level attacks: send crafted Intents (adb shell am start ...) or URL-scheme payloads (xcrun simctl openurl ...).

Tools sandbox

adb + emulator / physical device.
jadx, apktool, dex2jar, jd-gui.
class-dump, Hopper Disassembler, IDA Free (host-side).
Frida-server (per device), frida (host), objection.
mitmproxy / Burp Suite Community / Caido (PR #304 lands the LangChain Caido tool bundle).
MobSF (mobsf Docker image) for automated triage when speed matters.