fuzz-security / MobileApp-Pentest-Cheatsheet
The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application penetration testing topics.
☆71Updated 4 years ago
Alternatives and similar repositories for MobileApp-Pentest-Cheatsheet:
Users that are interested in MobileApp-Pentest-Cheatsheet are comparing it to the libraries listed below
- Slides and other material from various conference presentations.☆40Updated 3 weeks ago
- Intentionally vulnerable webview implementions in Android☆56Updated 2 years ago
- Authenticated SSRF in Grafana☆79Updated 8 months ago
- Identifies vulnerabilities in network_security_config.xml, AndroidManifest.xml and if Firebase URL are accessible publicly☆48Updated 2 years ago
- This exention enables autocompletion within BurpSuite Repeater/Intruder tabs.☆163Updated 4 years ago
- Collection of quirky behaviours of code and the CTF challenges that I made around them.☆27Updated 4 years ago
- ☆160Updated 3 years ago
- Burp Bounty profiles☆82Updated 3 years ago
- Pass list of urls with FUZZ in and it will check if it has found a potential SSRF.☆107Updated 3 years ago
- Compiled dataset of Java deserialization CVEs☆61Updated 4 years ago
- A Web-UI for subdomain enumeration (subfinder)☆54Updated 4 years ago
- ☆64Updated 3 years ago
- A extension for collecting parameters☆25Updated 4 years ago
- URL Screenshot Utility☆27Updated last year
- Same Origin XSS challenge☆56Updated 2 years ago
- ☆49Updated 4 years ago
- Script to test open Akamai ARL vulnerability.☆71Updated 3 years ago
- Workshop given at Hack in Paris 2019☆121Updated last year
- Gopher Tomcat Deployer☆48Updated 6 years ago
- Client-Side Prototype Pollution Tools☆84Updated 3 years ago
- ☆59Updated 8 months ago
- A Burp extension adding a passive scan check to flag parameters whose name or value may indicate a possible insertion point for SSRF or L…☆131Updated 4 years ago
- ☆97Updated 3 years ago
- Simple "postMessage logger" Chrome extension☆96Updated 4 years ago
- ☆44Updated 3 years ago
- WordPress Plugin Update Confusion☆66Updated 3 years ago
- Extract (links/possible endpoints) from responses & filter them via decoding/sorting☆90Updated 5 years ago
- Detects request smuggling via HTTP/2 downgrades.☆92Updated 2 years ago
- Fuzzing script for redirect URL validator☆49Updated 5 years ago
- This repository contains all the examples related to a series of tutorials that demonstrate how to use the new Montoya API of Burp Suite …☆41Updated 3 months ago