Identifies vulnerabilities in network_security_config.xml, AndroidManifest.xml and if Firebase URL are accessible publicly
☆52Mar 15, 2026Updated last week
Alternatives and similar repositories for ScanAndroidXML
Users that are interested in ScanAndroidXML are comparing it to the libraries listed below
Sorting:
- File system enumerator and monitor for Android and Ubuntu.☆17Sep 25, 2021Updated 4 years ago
- List of custom Nuclei templates☆16Nov 4, 2023Updated 2 years ago
- Android Penetration Testing setup tool. Garuda automates the installation of the required tools to perform Android Security Analysis.☆73Sep 10, 2023Updated 2 years ago
- AndroGoat☆341Nov 22, 2025Updated 4 months ago
- Utility to analyse, ingest and push out credentials from common data sources during an internal penetration test.☆19Jun 12, 2022Updated 3 years ago
- This script identifies Host Header Injection vulnerabilities in a list of URLs or a specific domain, outputting the vulnerable locations …�☆15May 23, 2023Updated 2 years ago
- OWASP ZAP add-on to detect reflected parameter vulnerabilities efficiently☆12Feb 19, 2021Updated 5 years ago
- Tool to hack Graphql☆15Oct 17, 2023Updated 2 years ago
- Burp Extender plugin that generates a sitemap of a website using Wayback Machine☆12Jun 18, 2018Updated 7 years ago
- backdoor exploit for vsftpd 2.3.4 on python☆16Oct 14, 2023Updated 2 years ago
- A Bash wrapper for radamsa that can be used to fuzz exported activities and deep links.☆52Aug 17, 2021Updated 4 years ago
- Where's My Browser? Learn hacking WebViews (Android Mobile App)☆44Jul 31, 2018Updated 7 years ago
- A simple tool to detect vulnerabilities described here https://portswigger.net/research/browser-powered-desync-attacks.☆35Aug 30, 2022Updated 3 years ago
- A collection of js analysis tools & scripts.☆19Mar 8, 2026Updated 2 weeks ago
- 基于Drozer对Android的四大组件进行批量处理☆22Jan 15, 2020Updated 6 years ago
- parse ffuf & map endpoints to wordlists☆21Feb 25, 2021Updated 5 years ago
- ☆17Jul 20, 2018Updated 7 years ago
- Droz_scan is a automated script, that runs all the queries of drozer in a single run☆26May 15, 2023Updated 2 years ago
- WebDirScan is a tool for brute-forcing URIs (directories and files) on web servers by taking input directory to scan for files & director…☆11Mar 31, 2023Updated 2 years ago
- bring your own clean ntdll (or other MS dlls)☆29Jul 14, 2025Updated 8 months ago
- Various fuzzers written in Python. Currently has a TCP server for fuzzing client software, and a CLI fuzzer to use against programs ran f…☆11Feb 14, 2018Updated 8 years ago
- Cloning apk for bypassing code tampering detection, Google Safety Net and scanning vulnerable plugins☆86Jun 16, 2023Updated 2 years ago
- Tool to get the top android apps for bug bounty purpose☆17Sep 10, 2020Updated 5 years ago
- F5 BIG-IP Scanner scans for servers on shodan and checks to see if they are vulnerable.☆22Feb 12, 2023Updated 3 years ago
- 一款被动扫描ssrf的burpsuite插件☆20Dec 30, 2022Updated 3 years ago
- ☆15Apr 5, 2023Updated 2 years ago
- A simple Burp Suite extension to crawl JavaScript (JS) files in passive mode and display the results directly on the issues☆374Jul 25, 2023Updated 2 years ago
- ☆27Mar 5, 2023Updated 3 years ago
- recon.cloud is website that scans AWS, Azure and GCP public cloud footprint this GO tool only utilize its API for getting result to termi…☆25Feb 11, 2023Updated 3 years ago
- Reconflow is all in one tool for gathering reconnaissance information about a target in a penetration test☆14Jul 18, 2021Updated 4 years ago
- A repository of JavaScript XSS attacks against client browsers☆104Jul 29, 2020Updated 5 years ago
- ☆44Apr 30, 2021Updated 4 years ago
- Filter URLs that match your scope file for bugbounty.☆11May 23, 2023Updated 2 years ago
- Intentionally vulnerable webview implementions in Android☆59Apr 22, 2022Updated 3 years ago
- Perform TE.CL HTTP Request Smuggling attacks by crafting HTTP Request automatically.☆72Mar 12, 2022Updated 4 years ago
- Protect your personal information from hackers and cyber criminals with HackAlert. Our product scans the internet for your online persona…☆18Oct 16, 2024Updated last year
- From this app, Connect a Phone, Extract any app from It, Decompile, Deobfuscate, Remove Certificate Pinning and Repackage it. Meanwhile, …☆27Sep 26, 2025Updated 5 months ago
- Web cache poisoning vulnerability scanner.☆74May 5, 2022Updated 3 years ago
- ☆33Jan 14, 2026Updated 2 months ago