fuzz-security / MobileApp-Pentest-CheatsheetLinks
The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application penetration testing topics.
☆71Updated 5 years ago
Alternatives and similar repositories for MobileApp-Pentest-Cheatsheet
Users that are interested in MobileApp-Pentest-Cheatsheet are comparing it to the libraries listed below
Sorting:
- Intentionally vulnerable webview implementions in Android☆57Updated 3 years ago
- Identifies vulnerabilities in network_security_config.xml, AndroidManifest.xml and if Firebase URL are accessible publicly☆49Updated 2 years ago
- This exention enables autocompletion within BurpSuite Repeater/Intruder tabs.☆164Updated 4 years ago
- ☆97Updated 3 years ago
- Slides and other material from various conference presentations.☆45Updated last month
- Workshop given at Hack in Paris 2019☆122Updated 2 years ago
- This repository contains all the examples related to a series of tutorials that demonstrate how to use the new Montoya API of Burp Suite …☆42Updated 7 months ago
- ☆44Updated 3 years ago
- This repository is a suplimentary material for Android Training's done by Anant Shrivastava from 2012-2017☆222Updated 4 years ago
- ☆50Updated 4 years ago
- Burp Bounty profiles☆83Updated 3 years ago
- A Proof of Concept for demonstrating Task hijacking in Android using an attacker and a victim app.☆41Updated 4 years ago
- An actively maintained, Self curated notes related to android application security for security professionals, bugbounty hunters, pentes…☆218Updated 3 years ago
- A Bash wrapper for radamsa that can be used to fuzz exported activities and deep links.☆51Updated 3 years ago
- Compiled dataset of Java deserialization CVEs☆61Updated 4 years ago
- The tool exfiltrates data from Couchbase database by exploiting N1QL injection vulnerabilities.☆76Updated 4 years ago
- Fuzzing script for redirect URL validator☆52Updated 5 years ago
- This tool tries to find interesting stuff inside static files; mainly JavaScript and JSON files.☆56Updated 2 years ago
- Sample Spring Boot App Demonstrating RCE via Exposed env Actuator and H2 Database☆107Updated 5 years ago
- Pass list of urls with FUZZ in and it will check if it has found a potential SSRF.☆109Updated 3 years ago
- Vuldroid is a Vulnerable Android Application made with security issues in order to demonstrate how they can occur in code☆64Updated 3 years ago
- Collection of quirky behaviours of code and the CTF challenges that I made around them.☆27Updated 4 years ago
- Improve automated and semi-automated active scanning in Burp Pro☆61Updated 3 weeks ago
- ☆167Updated 3 years ago
- A Web-UI for subdomain enumeration (subfinder)☆54Updated 5 years ago
- ☆48Updated 4 years ago
- A curated list of awesome blogs and tools about HTTP request smuggling attacks. Feel free to contribute! 🍻☆124Updated 2 years ago
- This is a burp plugin that extracts keywords from response using regexes and test for reflected XSS on the target scope.☆75Updated 4 years ago
- ☆55Updated 2 years ago
- Detects request smuggling via HTTP/2 downgrades.☆92Updated 2 years ago