Mobile penetration testing android & iOS command cheatsheet
β384Jan 29, 2026Updated last month
Alternatives and similar repositories for Command-Mobile-Penetration-Testing-Cheatsheet
Users that are interested in Command-Mobile-Penetration-Testing-Cheatsheet are comparing it to the libraries listed below
Sorting:
- Runtime Mobile Security (RMS) π±π₯ - is a powerful web interface that helps you to manipulate Android and iOS Apps at Runtimeβ2,978Feb 28, 2026Updated last week
- The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application penβ¦β5,154Feb 8, 2024Updated 2 years ago
- A tool to automate the boring process of APK reconβ345Sep 30, 2022Updated 3 years ago
- A Collection of Android Pentest Learning Materialsβ410Sep 28, 2020Updated 5 years ago
- A vulnerable Android application that shows simple examples of vulnerabilities in a ctf style.β742Jun 25, 2021Updated 4 years ago
- StaCoAn is a crossplatform tool which aids developers, bugbounty hunters and ethical hackers performing static code analysis on mobile apβ¦β867Apr 27, 2021Updated 4 years ago
- A big list of Android Hackerone disclosed reports and other resources.β1,672Sep 10, 2025Updated 5 months ago
- Extract endpoints from APK filesβ882May 22, 2024Updated last year
- A simple Python Exploit to Write Data to Insecure/vulnerable firebase databases! Commonly found inside Mobile Apps. If the owner of the aβ¦β325Jun 4, 2024Updated last year
- Collection of useful FRIDA Mobile Scriptsβ424Aug 10, 2021Updated 4 years ago
- A runtime mobile application analysis toolkit with a Web GUI, powered by Frida, written in Python.β1,458Jun 3, 2021Updated 4 years ago
- VyAPI - A cloud based vulnerable hybrid Android Appβ86Feb 21, 2020Updated 6 years ago
- [Official] Android reverse engineering tool focused on dynamic instrumentation automation leveraging Frida. It disassembles dex, analyzesβ¦β1,120Feb 2, 2023Updated 3 years ago
- β143Apr 20, 2020Updated 5 years ago
- β22Apr 12, 2023Updated 2 years ago
- Penetration tests guide based on OWASP including test cases, resources and examples.β2,767Mar 23, 2022Updated 3 years ago
- qsfuzz (Query String Fuzz) allows you to build your own rules to fuzz query strings and easily identify vulnerabilities.β303Feb 12, 2023Updated 3 years ago
- Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.β6,082Aug 14, 2024Updated last year
- A collection of scripts to extend Burp Suiteβ142Apr 8, 2019Updated 6 years ago
- A collection of custom security tools for quick needs.β3,284May 1, 2023Updated 2 years ago
- This Repo contains wordlist for subdomain enumeration , php file path, html file path, and js file pathβ107Aug 4, 2020Updated 5 years ago
- Oversecured Vulnerable Android Appβ731Jul 18, 2024Updated last year
- Hunting Bugs for Fun and Profitβ275Jul 29, 2020Updated 5 years ago
- SSRF (Server Side Request Forgery) testing resourcesβ2,482Oct 12, 2024Updated last year
- A curated list of amazingly awesome Burp Extensionsβ3,372Feb 17, 2026Updated 2 weeks ago
- Extract relative urls from a heap snapshotβ87May 30, 2021Updated 4 years ago
- Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug huβ¦β2,339Jun 27, 2024Updated last year
- β250Jun 6, 2018Updated 7 years ago
- Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the acβ¦β1,774Apr 26, 2024Updated last year
- Created by High-Tech Bridge, the Purposefully Insecure and Vulnerable Android Application (PIVAA) replaces outdated DIVA for benchmark ofβ¦β106May 27, 2020Updated 5 years ago
- Scanning APK file for URIs, endpoints & secrets.β5,982Aug 20, 2025Updated 6 months ago
- An effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respectβ¦β3,426Mar 1, 2024Updated 2 years ago
- Mobile Edge-Dynamic Unified Security Analysisβ2,183Feb 26, 2026Updated last week
- The Outlook HTML Leak Test Projectβ41May 12, 2018Updated 7 years ago
- Quick SQLMap Tamper Suggesterβ1,397Jul 18, 2022Updated 3 years ago
- An open source Android application that is intentionally vulnerable so as to act as a learning platform for Android application security β¦β224Dec 23, 2021Updated 4 years ago
- Clientside vulnerability / reflected xss fuzzerβ149Jul 29, 2023Updated 2 years ago
- The cheat sheet about Java Deserialization vulnerabilitiesβ3,167May 26, 2023Updated 2 years ago
- A collection of hacks and one-off scriptsβ2,423Mar 13, 2025Updated 11 months ago