The European Union has released their own linux distro Eu-OS based fedora distribution

https://eu-os.gitlab.io/

APKLEAKS

• apkleaks is a powerful tool (based on Jadx) to extract :

▲ secrets from apk
▲ URLs/endpoints
▲ IP adresses
▲ general info about the authorization
▲ more and more

• apkleaks supports :
ⓘ JSON output format
ⓘ Custom patterns/outputs
ⓘ Windows/Linux/Android(Termux)

• installation :
▲ Docker

docker pull dwisiswant0/apkleaks:latest

▲ pip/pip3

pip3 install apkleaks

▲ git

git clone https://github.com/dwisiswant0/apkleaks

cd apkleaks/

pip3 install -r requirements.txt

Github : https://github.com/dwisiswant0/apkleaks

Shared by @reverseengineer101

Waydroid

A container-based approach to boot a full Android system on regular GNU/Linux systems running Wayland based desktop environments.

https://waydro.id

Activaite windows to cross 😂

GDA(GJoy Dex Analyzer)
Is a great tool for android apks analysis and reverse engineering, also a great alternative of Jadx-gui since it's so fast (based on C++)

https://github.com/charles2gan/GDA-android-reversing-Tool

If you have trouble with programs or exe that only runs on Windows while you are using Linux
You can simply use wine to run these on your linux machine

Wine (originally an acronym for "Wine Is Not an Emulator") is a compatibility layer capable of running Windows applications on several POSIX-compliant operating systems, such as Linux, macOS, & BSD. Instead of simulating internal Windows logic like a virtual machine or emulator, Wine translates Windows API calls into POSIX calls on-the-fly, eliminating the performance and memory penalties of other methods and allowing you to cleanly integrate Windows applications into your desktop.

Official website : https://www.winehq.org/

You can use apt to install as well (I tested on Debian based distros)
@reverseengineer101

APKWeaker : https://github.com/Dark-Night0/APKWeaker

APKWeaker is a command-line tool designed to simplify the process of modifying Android APKs for testing and debugging purposes It automates the process of pulling APKs from the Android emulator, decompiling them, injecting networkSecurityConfiguration into the base.apk if the application uses Split Packages to allow ClearTextTraffic (HTTP), forcing the application to trust a certificate (user, system), rebuilding the APKs, and signing them for reinstallation

Jwt_tool crack and attack json web tokens

Its functionality includes:
Checking the validity of a token
Testing for known exploits:
(CVE-2015-2951) The alg=none signature-bypass vulnerability
(CVE-2016-10555) The RS/HS256 public key mismatch vulnerability
(CVE-2018-0114) Key injection vulnerability
(CVE-2019-20933/CVE-2020-28637) Blank password vulnerability
(CVE-2020-28042) Null signature vulnerability
(CVE-2022-21449) Psychic Signature ECDSA vulnerability
Scanning for misconfigurations or known weaknesses
Fuzzing claim values to provoke unexpected behaviours
Testing the validity of a secret/key file/Public Key/JWKS key
Identifying weak keys via a High-speed Dictionary Attack
Forging new token header and payload contents and creating a new signature with the key or via another attack method
Timestamp tampering
RSA and ECDSA key generation, and reconstruction (from JWKS files)
Rate-limiting for all attacks
...and lots more!

https://github.com/ticarpi/jwt_tool

a new release of the reai plugin is out

Exodia OS

A highly customized arch-based distro For All Cybersecurity fields

https://exodia-os.github.io

Company : we have a great security system, we can't be hacked

The HR just won an iPhone ...
😂 😂 😂

https://www.darkentry.net

Check your email's or work's email password if it has been breached for free without registration

This check is based on hackers data bases and what's leaked on dark web

Dark entry is a trusted source and they are monitoring the dark web as well so if you have your own company they can help you, managed by Ebrahem Hegazy

Post by, @reverseengineer101

⚠️ CVE-2025-32463

- Local privilege escalation: sudo versions 1.9.14 – 1.9.17

- CVSS: 9.3 (critical)

- reason :

/etc/nsswitch.conf from a user-controlled directory is used with the --chroot option

- exploit :
https://github.com/kh4sh3i/CVE-2025-32463

@reverseengineer101

BF has gone, maybe forever

For Egyptians

If you are looking for a place that you can find free professional courses in different fields as well as certificates then, Maharatech (ITI) is the place you are searching for

Visit https://maharatech.gov.eg