optiv/InsecureShop external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

optiv/InsecureShop

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/optiv/InsecureShop)

Close

optiv / InsecureShopView on GitHubMore

• External links
• Readme badge

An Intentionally designed Vulnerable Android Application built in Kotlin.

☆256Mar 2, 2022Updated 3 years ago

Alternatives and similar repositories for InsecureShop

Users that are interested in InsecureShop are comparing it to the libraries listed below

• oversecured / ovaa

  View on GitHub
  Oversecured Vulnerable Android App
  ☆732Jul 18, 2024Updated last year
• hax0rgb / InsecureShop

  View on GitHub
  An Intentionally designed Vulnerable Android Application built in Kotlin.
  ☆183Apr 19, 2024Updated last year
• optiv / mobile-nuclei-templates

  View on GitHub
  ☆436Jun 1, 2021Updated 4 years ago
• dolevf / Damn-Vulnerable-GraphQL-Application

  View on GitHub
  Damn Vulnerable GraphQL Application is an intentionally vulnerable GraphQL service implementation designed for learning about and practis…
  ☆1,676May 24, 2025Updated 9 months ago
• B3nac / InjuredAndroid

  View on GitHub
  A vulnerable Android application that shows simple examples of vulnerabilities in a ctf style.
  ☆741Jun 25, 2021Updated 4 years ago
• koenbuyens / Vulnerable-OAuth-2.0-Applications

  View on GitHub
  vulnerable OAuth 2.0 applications: understand the security implications of your OAuth 2.0 decisions.
  ☆325Mar 27, 2024Updated last year
• rewanthtammana / Damn-Vulnerable-Bank

  View on GitHub
  Damn Vulnerable Bank is designed to be an intentionally vulnerable android application. This provides an interface to assess your android…
  ☆734Dec 13, 2023Updated 2 years ago
• HTBridge / pivaa

  View on GitHub
  Created by High-Tech Bridge, the Purposefully Insecure and Vulnerable Android Application (PIVAA) replaces outdated DIVA for benchmark of…
  ☆106May 27, 2020Updated 5 years ago
• B3nac / Android-Reports-and-Resources

  View on GitHub
  A big list of Android Hackerone disclosed reports and other resources.
  ☆1,672Sep 10, 2025Updated 5 months ago
• riramar / h2rs

  View on GitHub
  Detects request smuggling via HTTP/2 downgrades.
  ☆94Jul 30, 2022Updated 3 years ago
• saeidshirazi / awesome-android-security

  View on GitHub
  A curated list of Android Security materials and resources For Pentesters and Bug Hunters
  ☆1,868May 5, 2025Updated 9 months ago
• hexploitable / r2con2020_r2frida

  View on GitHub
  This repository houses the materials, slides and exercises from the r2con 2020 walkthrough sessions.
  ☆38Sep 2, 2020Updated 5 years ago
• payatu / diva-android

  View on GitHub
  DIVA Android - Damn Insecure and vulnerable App for Android
  ☆1,088May 19, 2023Updated 2 years ago
• hahwul / authz0

  View on GitHub
  🔑 Authz0 is an automated authorization test tool. Unauthorized access can be identified based on URLs and Roles & Credentials.
  ☆427Feb 20, 2026Updated last week
• nowsecure / cybertruckchallenge19

  View on GitHub
  Android security workshop material taught during the CyberTruck Challenge 2019 (Detroit USA).
  ☆103Aug 17, 2021Updated 4 years ago
• akabe1 / OAUTHScan

  View on GitHub
  Burp Suite Extension useful to verify OAUTHv2 and OpenID security
  ☆175Oct 26, 2024Updated last year
• Static-Flow / BurpSuiteAutoCompletion

  View on GitHub
  This exention enables autocompletion within BurpSuite Repeater/Intruder tabs.
  ☆164Mar 5, 2021Updated 4 years ago
• kensh1ro / flutter-ssl-bypass

  View on GitHub
  Flutter SSL pinning bypass using IP forwarding
  ☆49Feb 15, 2026Updated last week
• Impact-I / x8-Burp

  View on GitHub
  Hidden parameters discovery suite
  ☆224Nov 14, 2022Updated 3 years ago
• oversecured / OversecuredVulnerableiOSApp

  View on GitHub
  Oversecured Vulnerable iOS App
  ☆232Jan 10, 2024Updated 2 years ago
• MistSpark / DNS-Wordlists

  View on GitHub
  part of my wordlist to bruteforce DNS to find subdoamains.
  ☆61Jul 26, 2021Updated 4 years ago
• teknogeek / ssrf-sheriff

  View on GitHub
  A simple SSRF-testing sheriff written in Go
  ☆336Oct 31, 2024Updated last year
• jaiswalakshansh / Vuldroid

  View on GitHub
  Vuldroid is a Vulnerable Android Application made with security issues in order to demonstrate how they can occur in code
  ☆66Sep 18, 2021Updated 4 years ago
• BishopFox / iam-vulnerable

  View on GitHub
  Use Terraform to create your own vulnerable by design AWS IAM privilege escalation playground.
  ☆546Sep 11, 2025Updated 5 months ago
• arainho / awesome-api-security

  View on GitHub
  A collection of awesome API Security tools and resources. The focus goes to open-source tools and resources that benefit all the communit…
  ☆3,644Nov 23, 2025Updated 3 months ago
• joefizz / autofindomain

  View on GitHub
  ☆24Jan 26, 2021Updated 5 years ago
• MindPatch / lorsrf

  View on GitHub
  Fast CLI tool to find the parameters that can be used to find SSRF or Out-of-band resource load
  ☆297Sep 22, 2024Updated last year
• koenbuyens / oauth-2.0-security-cheat-sheet

  View on GitHub
  oauth security guidelines
  ☆230Jun 25, 2019Updated 6 years ago
• Ch0pin / medusa

  View on GitHub
  Mobile Edge-Dynamic Unified Security Analysis
  ☆2,179Feb 17, 2026Updated last week
• doyensec / burpdeveltraining

  View on GitHub
  Material for the training "Developing Burp Suite Extensions – From Manual Testing to Security Automation"
  ☆356Oct 14, 2020Updated 5 years ago
• defparam / haptyc

  View on GitHub
  ☆95Sep 18, 2021Updated 4 years ago
• dwisiswant0 / gf-secrets

  View on GitHub
  Secret and/or credential patterns used for gf.
  ☆243Feb 10, 2023Updated 3 years ago
• appsecco / VyAPI

  View on GitHub
  VyAPI - A cloud based vulnerable hybrid Android App
  ☆86Feb 21, 2020Updated 6 years ago
• projectdiscovery / nuclei-action

  View on GitHub
  Vulnerability Scan with Nuclei
  ☆278Feb 14, 2026Updated 2 weeks ago
• iamsarvagyaa / AndroidSecNotes

  View on GitHub
  An actively maintained, Self curated notes related to android application security for security professionals, bugbounty hunters, pentes…
  ☆225Aug 26, 2021Updated 4 years ago
• jdonsec / AllThingsSSRF

  View on GitHub
  This is a collection of writeups, cheatsheets, videos, books related to SSRF in one single location
  ☆1,361Jan 24, 2021Updated 5 years ago
• facebook / mariana-trench

  View on GitHub
  A security focused static analysis tool for Android and Java applications.
  ☆1,214Feb 20, 2026Updated last week
• RavikumarRamesh / hpAndro1337

  View on GitHub
  Repository for download all version of @hpAndro1337 (Android AppSec) application.
  ☆102Dec 26, 2023Updated 2 years ago
• t0thkr1s / allsafe-android

  View on GitHub
  Intentionally vulnerable Android application.
  ☆366Sep 20, 2025Updated 5 months ago