offensive-mobile

SkillSkillsMP

io.github.SnailSploit/Claude-Red/offensive-mobile · vmain

Mobile (Android + iOS) application penetration testing methodology. Covers static analysis (apktool/jadx for Android, class-dump/Hopper/IDA for iOS), dynamic instrumentation with Frida and Objection, SSL pinning bypass strategies, root/jailbreak detection bypass, deep-link / URL-scheme abuse, exported component attacks (Android activities, services, providers, receivers; iOS XPC, URL schemes, universal links), insecure data storage (SharedPrefs, KeyStore misuse, NSUserDefaults, Keychain ACL bypass), IPC / Intent redirection, WebView vulnerabilities (JavaScriptInterface, file:// access), Firebase/AWS/Azure misconfiguration leakage, mobile API testing, biometric/Face ID/Touch ID bypass, app-cloning and runtime patching, and mobile malware/RAT analysis primitives. Use for mobile pentest, bug bounty mobile triage, or app-store reconnaissance.

在 SkillsMP 查看 ↗源仓库 ↗

概览

offensive-mobile 是一个Agent Skill，收录自 SkillsMP。本页提供 Cursor、Claude Code 等客户端的安装配置片段。

Agent Skill 是带 SKILL.md 的指令包。安装后，AI 会根据 description 在匹配任务时自动加载，无需每次手动粘贴提示词。

安装

选择你的平台查看安装方式

# 通用 CLI（Cursor / Claude Code / Codex 等均支持）
npx skills add SnailSploit/Claude-Red@offensive-mobile

使用方式

安装完成后，在对话中直接描述你的任务（或提及技能名称）。Agent 会先读取 SKILL.md 的 description 判断是否启用，再按其中的步骤执行。可用 /skills（Claude Code）或在设置中查看已加载的 Skills。

统一 Manifest

{
  "id": "io.github.SnailSploit/Claude-Red/offensive-mobile",
  "type": "skill",
  "version": "main",
  "displayName": "offensive-mobile",
  "description": "Mobile (Android + iOS) application penetration testing methodology. Covers static analysis (apktool/jadx for Android, class-dump/Hopper/IDA for iOS), dynamic instrumentation with Frida and Objection, SSL pinning bypass strategies, root/jailbreak detection bypass, deep-link / URL-scheme abuse, exported component attacks (Android activities, services, providers, receivers; iOS XPC, URL schemes, universal links), insecure data storage (SharedPrefs, KeyStore misuse, NSUserDefaults, Keychain ACL bypass), IPC / Intent redirection, WebView vulnerabilities (JavaScriptInterface, file:// access), Firebase/AWS/Azure misconfiguration leakage, mobile API testing, biometric/Face ID/Touch ID bypass, app-cloning and runtime patching, and mobile malware/RAT analysis primitives. Use for mobile pentest, bug bounty mobile triage, or app-store reconnaissance.",
  "author": {
    "name": "SnailSploit",
    "url": "https://github.com/SnailSploit"
  },
  "repository": {
    "url": "https://github.com/SnailSploit/Claude-Red",
    "source": "github",
    "subfolder": "Skills/mobile/offensive-mobile"
  },
  "homepage": "https://skillsmp.com/skills/snailsploit-claude-red-skills-mobile-offensive-mobile-skill-md",
  "distribution": {
    "packages": [
      {
        "registryType": "source",
        "identifier": "SnailSploit/Claude-Red@offensive-mobile",
        "version": "main",
        "runtimeHint": "npx skills add"
      }
    ],
    "remotes": []
  },
  "dependencies": [],
  "installTargets": [
    "claude-code",
    "claude-desktop",
    "cursor",
    "codex",
    "vscode"
  ],
  "keywords": [
    "stars:2224"
  ],
  "provenance": {
    "origin": "skillsmp",
    "originalId": "snailsploit-claude-red-skills-mobile-offensive-mobile-skill-md",
    "originalUrl": "https://skillsmp.com/skills/snailsploit-claude-red-skills-mobile-offensive-mobile-skill-md",
    "isOfficial": false,
    "status": "active"
  }
}

offensive-mobile

概览

安装

使用方式

相关资源

react-doctor

emcn-design-review

react-best-practices

cookbook-review-pr

oma-mobile

oma-backend

统一 Manifest