Python tool that generates an Xmind map with all the information gathered and any evidence of possible vulnerabilities identified via static analysis. The map itself is an Android Application Pentesting Methodology component, which assists Pentesters to cover all important areas during an assessment.
☆125Dec 9, 2018Updated 7 years ago
Alternatives and similar repositories for droidstatx
Users that are interested in droidstatx are comparing it to the libraries listed below
Sorting:
- A playground to practice SSRF Attacks against web apps☆17Oct 15, 2018Updated 7 years ago
- iOS Frida Scripts☆37Oct 2, 2017Updated 8 years ago
- A framework for automated extraction of static and dynamic features from Android applications☆376Dec 7, 2022Updated 3 years ago
- Intercept, modify, repeat and attack Android's Binder transactions using Burp Suite☆323Aug 20, 2017Updated 8 years ago
- StaCoAn is a crossplatform tool which aids developers, bugbounty hunters and ethical hackers performing static code analysis on mobile ap…☆867Apr 27, 2021Updated 4 years ago
- A proof of concept for Metasploit's CVE-2019-5624 vulnerability (Rubyzip insecure ZIP handling RCE)☆13May 2, 2019Updated 6 years ago
- ☆16Mar 4, 2019Updated 6 years ago
- ☆10Feb 18, 2016Updated 10 years ago
- A better dns bruteforcer written in golang☆13Nov 4, 2018Updated 7 years ago
- Fingerprint a web app using local files as the fingerprint sources☆38May 16, 2017Updated 8 years ago
- Terraform configuration to build a Burp Private Collaborator Server☆25Nov 7, 2017Updated 8 years ago
- Presentations☆10Oct 2, 2017Updated 8 years ago
- Merge results from NMAP and Masscan into one CSV file☆18Jun 19, 2018Updated 7 years ago
- Repository containing many useful scripts☆75Mar 30, 2022Updated 3 years ago
- Dumain Bruteforcer - a fast and flexible domain bruteforcer☆52Sep 19, 2018Updated 7 years ago
- ☆72Nov 20, 2017Updated 8 years ago
- Android App Security Checklist☆891Aug 27, 2022Updated 3 years ago
- PLASMA PULSAR☆70May 19, 2017Updated 8 years ago
- A proof of concept that demonstrates asynchronous scanning for Java deserialization bugs☆55Mar 27, 2017Updated 8 years ago
- Tool that will request the public disclosures on a specific HackerOne program and show them in a localhost webserver.☆63Feb 26, 2019Updated 7 years ago
- A penetration testing tool to enumerate and analyse Amazon S3 Buckets owned by a domain.☆26Dec 12, 2018Updated 7 years ago
- A vulnerable web application to explain and illustrate deserialization of untrusted data with Pickle.☆13Sep 23, 2017Updated 8 years ago
- A frida based hooking framework for android devices used mainly for app research☆14Mar 25, 2018Updated 7 years ago
- GUI for Frida -Scripts☆182Nov 3, 2016Updated 9 years ago
- Enumerate usernames on a domain where you have no creds by using SMB Relay with low priv.☆399May 20, 2020Updated 5 years ago
- bash script to facilitate some aspects of an Android application assessment☆159Sep 9, 2021Updated 4 years ago
- A PowerShell example of the Windows zero day priv esc☆328Sep 12, 2018Updated 7 years ago
- Based on URL and Organization Name, collect the IP Ranges, subdomains using various tools like Amass, subfinder, etc.. And check for upho…☆159May 1, 2024Updated last year
- In case you didn't now how to restore the user password after a password reset (get the previous hash with DCSync)☆168Jun 8, 2017Updated 8 years ago
- Deckard performs static and dynamic binary analysis on Android APKs to extract Xposed hooks☆82Jul 7, 2022Updated 3 years ago
- Droidefense: Advance Android Malware Analysis Framework☆478Dec 14, 2022Updated 3 years ago
- Connect to 2-factor WatchGuard VPNs on Linux with OpenVPN☆16Feb 13, 2017Updated 9 years ago
- Burplay is a Burp Extension allowing for replaying any number of requests using same modifications definition. Its main purpose is to aid…☆83Sep 19, 2017Updated 8 years ago
- A bash script that fetches and maintains thousands of DNS resolvers☆65Aug 24, 2020Updated 5 years ago
- Simple framework to extract "actionable" data from Android malware (C&Cs, phone numbers etc.)☆112May 7, 2015Updated 10 years ago
- SA-CORE-2018-004 POC #drupalgeddon3☆41Apr 28, 2018Updated 7 years ago
- Xanity PHP RAT leak For Researchers☆21Dec 3, 2015Updated 10 years ago
- This tool allows one to recover old RDP (mstsc) session information in the form of broken PNG files. These PNG files allows Red Team memb…☆222Aug 4, 2018Updated 7 years ago
- DeepToad is a library and a tool to clusterize similar files using fuzzy hashing☆20Apr 5, 2020Updated 5 years ago