MobSF / owasp-mstg
The Mobile Security Testing Guide (MSTG) is a comprehensive manual for mobile app security development, testing and reverse engineering.
☆61Updated 2 years ago
Alternatives and similar repositories for owasp-mstg:
Users that are interested in owasp-mstg are comparing it to the libraries listed below
- Intentionally vulnerable webview implementions in Android☆56Updated 2 years ago
- The Android Penetration Testing Steps repository is intended for security professionals, penetration testers, developers, and anyone who …☆112Updated last year
- An Intentionally designed Vulnerable Android Application built in Kotlin.☆147Updated 9 months ago
- ☆38Updated last year
- Checks if an Android application has successfully completed the "App Link Verification" process for Android App Links.☆56Updated 11 months ago
- Intentionally vulnerable Android application.☆232Updated 10 months ago
- Some Useful Tricks for Pentest Android and iOS Apps☆92Updated 2 months ago
- You can find hardcoded Api-Key,Secret,Token Etc..☆80Updated 2 years ago
- The scripts helps security analsts to identify misconfigured firebase instances.☆207Updated 2 years ago
- Static and dynamic Android application security analysis☆72Updated 8 months ago
- Vuldroid is a Vulnerable Android Application made with security issues in order to demonstrate how they can occur in code☆64Updated 3 years ago
- An actively maintained, Self curated notes related to android application security for security professionals, bugbounty hunters, pentes…☆208Updated 3 years ago
- A Proof of Concept for demonstrating Task hijacking in Android using an attacker and a victim app.☆40Updated 3 years ago
- Identifies vulnerabilities in network_security_config.xml, AndroidManifest.xml and if Firebase URL are accessible publicly☆47Updated last year
- A collection of Semgrep rules derived from the OWASP MASTG specifically for Android applications.☆267Updated 6 months ago
- ☆97Updated 3 years ago
- Tool to mass analyse potentially exposed Firebase databases on Android apps☆59Updated 5 years ago
- Android Penetration Testing setup tool. Garuda automates the installation of the required tools to perform Android Security Analysis.☆68Updated last year
- A Burp Suite Extension for Application Penetration Testing to map flows and vulnerabilities☆116Updated last year
- Where's My Browser? Learn hacking WebViews (Android Mobile App)☆41Updated 6 years ago
- ☆25Updated last year
- Android tapjacking quick PoC tool☆29Updated 2 years ago
- Bypass security checks in IOSSecuritySuite and Rootbear☆43Updated last year
- Exploiting XSS with Javascript/JPEG Polyglot (by @medusa_0xf)☆21Updated 2 years ago
- ☆39Updated last year
- ☆139Updated 4 years ago
- Automated script to convert and push Burp Suite certificate in Android, and modify Android's IP table to redirect all traffic to Burp Sui…☆109Updated last year
- AndroBugs Framework is an efficient Android vulnerability scanner that helps developers or security researchers find potential security v…☆43Updated last year
- A list of threat sinks used in the manual security source code review for application security☆70Updated last year
- NotSoCereal: A Deserialization exploit playground☆51Updated 3 years ago