fuzz-security / MobileApp-Pentest-CheatsheetLinks
The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application penetration testing topics.
☆71Updated 5 years ago
Alternatives and similar repositories for MobileApp-Pentest-Cheatsheet
Users that are interested in MobileApp-Pentest-Cheatsheet are comparing it to the libraries listed below
Sorting:
- Slides and other material from various conference presentations.☆46Updated last month
- Compiled dataset of Java deserialization CVEs☆60Updated 5 years ago
- Intentionally vulnerable webview implementions in Android☆57Updated 3 years ago
- ☆97Updated 3 years ago
- Workshop on Template Injection (6 exercises) covering Twig, Jinja2, Tornado, Velocity and Freemaker engines.☆128Updated 2 years ago
- Clone me and get your own authentic Parsia-Clone today.☆46Updated last week
- Pass list of urls with FUZZ in and it will check if it has found a potential SSRF.☆110Updated 3 years ago
- Identifies vulnerabilities in network_security_config.xml, AndroidManifest.xml and if Firebase URL are accessible publicly☆51Updated 2 years ago
- A curated list of awesome blogs and tools about HTTP request smuggling attacks. Feel free to contribute! 🍻☆126Updated 3 years ago
- ☆56Updated 4 years ago
- Practice hacking JWT tokens☆116Updated 3 years ago
- Burp Bounty profiles☆83Updated 3 years ago
- Fuzzing script for redirect URL validator☆53Updated 5 years ago
- Burp extension to detect alias traversal via NGINX misconfiguration at scale.☆54Updated 3 years ago
- ☆51Updated 5 years ago
- Exporter is a Burp Suite extension to copy a request to a file or the clipboard as multiple programming languages functions.☆178Updated 4 years ago
- Burp Suite Extension useful to verify OAUTHv2 and OpenID security☆174Updated last year
- This exention enables autocompletion within BurpSuite Repeater/Intruder tabs.☆164Updated 4 years ago
- Workshop given at Hack in Paris 2019☆124Updated 2 years ago
- all domains and his subdoamins☆64Updated 5 years ago
- ☆53Updated 4 years ago
- A tampered payload generator to Fuzz Web Application Firewalls☆35Updated 5 years ago
- A Bash wrapper for radamsa that can be used to fuzz exported activities and deep links.☆52Updated 4 years ago
- Public Disclosures☆91Updated 3 years ago
- Authenticated SSRF in Grafana☆82Updated last year
- AndroBugs Framework is an efficient Android vulnerability scanner that helps developers or security researchers find potential security v…☆47Updated 2 years ago
- Sample Spring Boot App Demonstrating RCE via Exposed env Actuator and H2 Database☆106Updated 5 years ago
- cvebase is a community-driven vulnerability data platform to discover the world's top security researchers and their latest disclosed vul…☆142Updated 4 years ago
- ☆34Updated 3 years ago
- This repository contains all the examples related to a series of tutorials that demonstrate how to use the new Montoya API of Burp Suite …☆44Updated 11 months ago