Identifies vulnerabilities in network_security_config.xml, AndroidManifest.xml and if Firebase URL are accessible publicly
☆53Mar 15, 2026Updated last month
Alternatives and similar repositories for ScanAndroidXML
Users that are interested in ScanAndroidXML are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- File system enumerator and monitor for Android and Ubuntu.☆17Sep 25, 2021Updated 4 years ago
- List of custom Nuclei templates☆16Nov 4, 2023Updated 2 years ago
- Android Penetration Testing setup tool. Garuda automates the installation of the required tools to perform Android Security Analysis.☆73Sep 10, 2023Updated 2 years ago
- AndroGoat☆355Nov 22, 2025Updated 5 months ago
- Utility to analyse, ingest and push out credentials from common data sources during an internal penetration test.☆19Jun 12, 2022Updated 3 years ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- This script identifies Host Header Injection vulnerabilities in a list of URLs or a specific domain, outputting the vulnerable locations …☆15May 23, 2023Updated 2 years ago
- OWASP ZAP add-on to detect reflected parameter vulnerabilities efficiently☆12Feb 19, 2021Updated 5 years ago
- Tool to hack Graphql☆15Oct 17, 2023Updated 2 years ago
- Burp Extender plugin that generates a sitemap of a website using Wayback Machine☆12Jun 18, 2018Updated 7 years ago
- backdoor exploit for vsftpd 2.3.4 on python☆16Oct 14, 2023Updated 2 years ago
- One liner regex match to search inside JS files, using curl and grep!☆29Dec 26, 2021Updated 4 years ago
- A Bash wrapper for radamsa that can be used to fuzz exported activities and deep links.☆52Aug 17, 2021Updated 4 years ago
- Where's My Browser? Learn hacking WebViews (Android Mobile App)☆45Jul 31, 2018Updated 7 years ago
- A simple tool to detect vulnerabilities described here https://portswigger.net/research/browser-powered-desync-attacks.☆35Aug 30, 2022Updated 3 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- A collection of js analysis tools & scripts.☆18Apr 24, 2026Updated last week
- 基于Drozer对Android的四大组件进行批量处理☆21Jan 15, 2020Updated 6 years ago
- parse ffuf & map endpoints to wordlists☆21Feb 25, 2021Updated 5 years ago
- ☆16Jul 20, 2018Updated 7 years ago
- Droz_scan is a automated script, that runs all the queries of drozer in a single run☆26May 15, 2023Updated 2 years ago
- WebDirScan is a tool for brute-forcing URIs (directories and files) on web servers by taking input directory to scan for files & director…☆11Mar 31, 2023Updated 3 years ago
- bring your own clean ntdll (or other MS dlls)☆29Jul 14, 2025Updated 9 months ago
- Various fuzzers written in Python. Currently has a TCP server for fuzzing client software, and a CLI fuzzer to use against programs ran f…☆11Feb 14, 2018Updated 8 years ago
- Sechead is a powerful security tool developed in Python that allows users to audit the security headers of any website. With Sechead, use…☆13May 22, 2023Updated 2 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Hey Guys I released this tools just for helping you guys do recon. This tool contain many other open source tools which you need to setup…☆12Aug 23, 2021Updated 4 years ago
- Cloning apk for bypassing code tampering detection, Google Safety Net and scanning vulnerable plugins☆87Jun 16, 2023Updated 2 years ago
- Tool to get the top android apps for bug bounty purpose☆17Sep 10, 2020Updated 5 years ago
- F5 BIG-IP Scanner scans for servers on shodan and checks to see if they are vulnerable.☆22Feb 12, 2023Updated 3 years ago
- 一款被动扫描ssrf的burpsuite插件☆20Dec 30, 2022Updated 3 years ago
- ☆25Mar 5, 2023Updated 3 years ago
- A simple Burp Suite extension to crawl JavaScript (JS) files in passive mode and display the results directly on the issues☆377Jul 25, 2023Updated 2 years ago
- recon.cloud is website that scans AWS, Azure and GCP public cloud footprint this GO tool only utilize its API for getting result to termi…☆23Feb 11, 2023Updated 3 years ago
- Reconflow is all in one tool for gathering reconnaissance information about a target in a penetration test☆14Jul 18, 2021Updated 4 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- ☆44Apr 30, 2021Updated 5 years ago
- Filter URLs that match your scope file for bugbounty.☆11May 23, 2023Updated 2 years ago
- Perform TE.CL HTTP Request Smuggling attacks by crafting HTTP Request automatically.☆73Mar 12, 2022Updated 4 years ago
- Protect your personal information from hackers and cyber criminals with HackAlert. Our product scans the internet for your online persona…☆18Oct 16, 2024Updated last year
- Intentionally vulnerable webview implementions in Android☆59Apr 22, 2022Updated 4 years ago
- From this app, Connect a Phone, Extract any app from It, Decompile, Deobfuscate, Remove Certificate Pinning and Repackage it. Meanwhile, …☆27Sep 26, 2025Updated 7 months ago
- Web cache poisoning vulnerability scanner.☆75May 5, 2022Updated 3 years ago