fuzz-security / MobileApp-Pentest-CheatsheetLinks
The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application penetration testing topics.
☆71Updated 5 years ago
Alternatives and similar repositories for MobileApp-Pentest-Cheatsheet
Users that are interested in MobileApp-Pentest-Cheatsheet are comparing it to the libraries listed below
Sorting:
- Slides and other material from various conference presentations.☆44Updated 2 weeks ago
- Intentionally vulnerable webview implementions in Android☆57Updated 3 years ago
- ☆97Updated 3 years ago
- Identifies vulnerabilities in network_security_config.xml, AndroidManifest.xml and if Firebase URL are accessible publicly☆49Updated 2 years ago
- Collection of quirky behaviours of code and the CTF challenges that I made around them.☆26Updated 4 years ago
- Burp Bounty profiles☆83Updated 3 years ago
- This exention enables autocompletion within BurpSuite Repeater/Intruder tabs.☆164Updated 4 years ago
- Compiled dataset of Java deserialization CVEs☆61Updated 4 years ago
- Pass list of urls with FUZZ in and it will check if it has found a potential SSRF.☆109Updated 3 years ago
- ☆55Updated 2 years ago
- Authenticated SSRF in Grafana☆82Updated 11 months ago
- This is a burp plugin that extracts keywords from response using regexes and test for reflected XSS on the target scope.☆76Updated 4 years ago
- URL Screenshot Utility☆27Updated 2 years ago
- ☆33Updated 2 years ago
- Burp extension to detect alias traversal via NGINX misconfiguration at scale.☆54Updated 3 years ago
- A Bash wrapper for radamsa that can be used to fuzz exported activities and deep links.☆51Updated 3 years ago
- Workshop given at Hack in Paris 2019☆122Updated last year
- WordPress Plugin Update Confusion☆66Updated 3 years ago
- A Burp extension adding a passive scan check to flag parameters whose name or value may indicate a possible insertion point for SSRF or L…☆132Updated 4 years ago
- ☆44Updated 3 years ago
- A tampered payload generator to Fuzz Web Application Firewalls☆36Updated 5 years ago
- ☆53Updated 4 years ago
- Script to test open Akamai ARL vulnerability.☆71Updated 3 years ago
- Exporter is a Burp Suite extension to copy a request to a file or the clipboard as multiple programming languages functions.☆177Updated 3 years ago
- Gopher Tomcat Deployer☆48Updated 6 years ago
- Extract (links/possible endpoints) from responses & filter them via decoding/sorting☆91Updated 5 years ago
- ☆166Updated 3 years ago
- Fuzzing script for redirect URL validator☆52Updated 5 years ago
- The tool exfiltrates data from Couchbase database by exploiting N1QL injection vulnerabilities.☆76Updated 4 years ago
- Workshop on Template Injection (6 exercises) covering Twig, Jinja2, Tornado, Velocity and Freemaker engines.☆126Updated 2 years ago