MobSF / owasp-mstg
The Mobile Security Testing Guide (MSTG) is a comprehensive manual for mobile app security development, testing and reverse engineering.
☆55Updated last year
Related projects: ⓘ
- ☆36Updated 8 months ago
- The Android Penetration Testing Steps repository is intended for security professionals, penetration testers, developers, and anyone who …☆99Updated last year
- Checks if an Android application has successfully completed the "App Link Verification" process for Android App Links.☆47Updated 6 months ago
- Static and dynamic Android application security analysis☆72Updated 3 months ago
- ☆96Updated 2 years ago
- Intentionally vulnerable webview implementions in Android☆53Updated 2 years ago
- Identifies vulnerabilities in network_security_config.xml, AndroidManifest.xml and if Firebase URL are accessible publicly☆45Updated last year
- ☆135Updated 4 years ago
- Vuldroid is a Vulnerable Android Application made with security issues in order to demonstrate how they can occur in code☆62Updated 3 years ago
- This repository contains all the examples related to a series of tutorials that demonstrate how to use the new Montoya API of Burp Suite …☆33Updated last month
- Intentionally vulnerable Android application.☆206Updated 5 months ago
- AndroBugs Framework is an efficient Android vulnerability scanner that helps developers or security researchers find potential security v…☆42Updated last year
- The scripts helps security analsts to identify misconfigured firebase instances.☆198Updated 2 years ago
- The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application pen…☆70Updated 4 years ago
- Where's My Browser? Learn hacking WebViews (Android Mobile App)☆37Updated 6 years ago
- You can find hardcoded Api-Key,Secret,Token Etc..☆77Updated 2 years ago
- A burp suite extension that enumerates infrastructure and application admin interfaces (OTG-CONFIG-005)☆118Updated 2 years ago
- A Burp extension adding a passive scan check to flag parameters whose name or value may indicate a possible insertion point for SSRF or L…☆130Updated 3 years ago
- Detects request smuggling via HTTP/2 downgrades.☆92Updated 2 years ago
- A list of threat sinks used in the manual security source code review for application security☆69Updated last year
- Burp Extension to add additional functionality for pentesting websocket based applications☆80Updated 3 months ago
- This repository explain how to write frida hook scripts and analysis written hooks.☆78Updated last year
- An actively maintained, Self curated notes related to android application security for security professionals, bugbounty hunters, pentes…☆202Updated 3 years ago
- ☆64Updated 2 years ago
- Massive Mobile Security Framework☆184Updated last month
- Flutter SSL pinning bypass using IP forwarding☆46Updated 2 years ago
- An Intentionally designed Vulnerable Android Application built in Kotlin.☆137Updated 5 months ago
- Automated script to convert and push Burp Suite certificate in Android, and modify Android's IP table to redirect all traffic to Burp Sui…☆106Updated last year
- One-click installer for Frida and Burp certs for SSL Pinning bypass☆78Updated last year