MobSF / owasp-mstg
The Mobile Security Testing Guide (MSTG) is a comprehensive manual for mobile app security development, testing and reverse engineering.
☆68Updated 2 years ago
Alternatives and similar repositories for owasp-mstg
Users that are interested in owasp-mstg are comparing it to the libraries listed below
Sorting:
- The Android Penetration Testing Steps repository is intended for security professionals, penetration testers, developers, and anyone who …☆122Updated 2 years ago
- Intentionally vulnerable webview implementions in Android☆56Updated 3 years ago
- ☆41Updated last year
- Tool to mass analyse potentially exposed Firebase databases on Android apps☆59Updated 5 years ago
- Identifies vulnerabilities in network_security_config.xml, AndroidManifest.xml and if Firebase URL are accessible publicly☆49Updated 2 years ago
- Intentionally vulnerable Android application.☆247Updated last month
- Some Useful Tricks for Pentest Android and iOS Apps☆113Updated last month
- Static and dynamic Android application security analysis☆73Updated 11 months ago
- AndroBugs Framework is an efficient Android vulnerability scanner that helps developers or security researchers find potential security v…☆45Updated 2 years ago
- ☆141Updated 5 years ago
- A collection of Semgrep rules derived from the OWASP MASTG specifically for Android applications.☆282Updated 9 months ago
- ☆27Updated last year
- The scripts helps security analsts to identify misconfigured firebase instances.☆214Updated 2 years ago
- Vuldroid is a Vulnerable Android Application made with security issues in order to demonstrate how they can occur in code☆64Updated 3 years ago
- A Burp Suite extension for CSRF proof of concepts.☆51Updated 2 years ago
- Checks if an Android application has successfully completed the "App Link Verification" process for Android App Links.☆56Updated last year
- An Intentionally designed Vulnerable Android Application built in Kotlin.☆158Updated last year
- Android BugBazaar: Your mobile appsec playground to Explore, Exploit, Excel☆49Updated 9 months ago
- A Proof of Concept for demonstrating Task hijacking in Android using an attacker and a victim app.☆41Updated 4 years ago
- An actively maintained, Self curated notes related to android application security for security professionals, bugbounty hunters, pentes…☆217Updated 3 years ago
- Insecure Firebase | Bugbounty | Hacking Insecure Firbase☆90Updated 3 years ago
- A list of threat sinks used in the manual security source code review for application security☆71Updated 2 years ago
- Exploiting XSS with Javascript/JPEG Polyglot (by @medusa_0xf)☆20Updated 3 years ago
- Android tapjacking quick PoC tool☆31Updated 2 years ago
- APK downloader from few sources☆130Updated last month
- NotSoCereal: A Deserialization exploit playground☆52Updated 3 years ago
- Android Penetration Testing setup tool. Garuda automates the installation of the required tools to perform Android Security Analysis.☆68Updated last year
- Burp Extension to add additional functionality for pentesting websocket based applications☆93Updated 11 months ago
- Automated JavaScript Debugging Tool using CDP - Automatically sets breakpoints for specified strings/patterns in JavaScript code☆89Updated 4 months ago
- This tool is designed to test for file upload and XXE vulnerabilities by poisoning XLSX files.☆77Updated last year