fuzz-security / MobileApp-Pentest-Cheatsheet
The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application penetration testing topics.
☆71Updated 4 years ago
Alternatives and similar repositories for MobileApp-Pentest-Cheatsheet:
Users that are interested in MobileApp-Pentest-Cheatsheet are comparing it to the libraries listed below
- Slides and other material from various conference presentations.☆40Updated 3 years ago
- Identifies vulnerabilities in network_security_config.xml, AndroidManifest.xml and if Firebase URL are accessible publicly☆47Updated last year
- ☆97Updated 3 years ago
- Intentionally vulnerable webview implementions in Android☆56Updated 2 years ago
- This exention enables autocompletion within BurpSuite Repeater/Intruder tabs.☆163Updated 3 years ago
- Same Origin XSS challenge☆56Updated 2 years ago
- ☆44Updated 3 years ago
- A Bash wrapper for radamsa that can be used to fuzz exported activities and deep links.☆51Updated 3 years ago
- Pass list of urls with FUZZ in and it will check if it has found a potential SSRF.☆107Updated 3 years ago
- ☆159Updated 3 years ago
- Compiled dataset of Java deserialization CVEs☆61Updated 4 years ago
- An actively maintained, Self curated notes related to android application security for security professionals, bugbounty hunters, pentes…☆209Updated 3 years ago
- ☆64Updated 3 years ago
- This repository explain how to write frida hook scripts and analysis written hooks.☆80Updated last year
- A Proof of Concept for demonstrating Task hijacking in Android using an attacker and a victim app.☆41Updated 3 years ago
- This repository contains all the examples related to a series of tutorials that demonstrate how to use the new Montoya API of Burp Suite …☆41Updated 2 months ago
- Detects request smuggling via HTTP/2 downgrades.☆92Updated 2 years ago
- ☆53Updated 3 years ago
- Gopher Tomcat Deployer☆47Updated 6 years ago
- Burp Bounty profiles☆82Updated 3 years ago
- AndroBugs Framework is an efficient Android vulnerability scanner that helps developers or security researchers find potential security v…☆43Updated last year
- all domains and his subdoamins☆60Updated 4 years ago
- Collection of quirky behaviours of code and the CTF challenges that I made around them.☆27Updated 4 years ago
- A tampered payload generator to Fuzz Web Application Firewalls☆36Updated 5 years ago
- Fuzzing script for redirect URL validator☆49Updated 5 years ago
- Workshop on Template Injection (6 exercises) covering Twig, Jinja2, Tornado, Velocity and Freemaker engines.☆122Updated 2 years ago
- A curated list of awesome blogs and tools about HTTP request smuggling attacks. Feel free to contribute! 🍻☆124Updated 2 years ago
- Workshop given at Hack in Paris 2019☆121Updated last year
- Simple extension that allows to run nuclei scanner directly from burp and transforms json results into the issues.☆117Updated last year
- ☆78Updated 9 months ago