sh4hin/MobileApp-Pentest-Cheatsheet external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

sh4hin/MobileApp-Pentest-Cheatsheet

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/sh4hin/MobileApp-Pentest-Cheatsheet)

Close

sh4hin / MobileApp-Pentest-CheatsheetView on GitHubMore

• External links
• Readme badge

The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application penetration testing topics.

☆294Feb 2, 2018Updated 8 years ago

Alternatives and similar repositories for MobileApp-Pentest-Cheatsheet

Users that are interested in MobileApp-Pentest-Cheatsheet are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• sh4hin / Androl4b

  View on GitHub
  A Virtual Machine For Assessing Android applications, Reverse Engineering and Malware Analysis
  ☆1,158May 31, 2023Updated 2 years ago
• tanprathan / MobileApp-Pentest-Cheatsheet

  View on GitHub
  The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application pen…
  ☆5,179Feb 8, 2024Updated 2 years ago
• 1ultimat3 / BadIntent

  View on GitHub
  Intercept, modify, repeat and attack Android's Binder transactions using Burp Suite
  ☆322Aug 20, 2017Updated 8 years ago
• ReversecLabs / needle

  View on GitHub
  The iOS Security Testing Framework
  ☆1,383Oct 25, 2020Updated 5 years ago
• logicalhacking / DVHMA

  View on GitHub
  Damn Vulnerable Hybrid Mobile App (DVHMA) is an hybrid mobile app (for Android) that intentionally contains vulnerabilities.
  ☆269Aug 22, 2018Updated 7 years ago
• Serverless GPU API endpoints on Runpod - Bonus Credits • Ad
  Skip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
• tomdev / teh_s3_bucketeers

  View on GitHub
  ☆276Oct 19, 2021Updated 4 years ago
• pathetiq / BurpSmartBuster

  View on GitHub
  A Burp Suite content discovery plugin that add the smart into the Buster!
  ☆378Oct 12, 2020Updated 5 years ago
• Fuzzapi / fuzzapi

  View on GitHub
  Fuzzapi is a tool used for REST API pentesting and uses API_Fuzzer gem
  ☆665Feb 25, 2021Updated 5 years ago
• glennzw / shodan-hq-nse

  View on GitHub
  Shodan HQ nmap plugin - passively scan targets
  ☆157Mar 14, 2016Updated 10 years ago
• moloch-- / CSP-Bypass

  View on GitHub
  A Burp Plugin for Detecting Weaknesses in Content Security Policies
  ☆166May 19, 2023Updated 2 years ago
• anshumanbh / brutesubs

  View on GitHub
  An automation framework for running multiple open sourced subdomain bruteforcing tools (in parallel) using your own wordlists via Docker …
  ☆259Aug 22, 2021Updated 4 years ago
• hahwul / droid-hunter

  View on GitHub
  (deprecated) Android application vulnerability analysis and Android pentest tool
  ☆296Nov 6, 2018Updated 7 years ago
• nccgroup / wssip

  View on GitHub
  Application for capturing, modifying and sending custom WebSocket data from client to server and vice versa.
  ☆450Dec 8, 2022Updated 3 years ago
• strozfriedberg / xxe-recursive-download

  View on GitHub
  ☆231Nov 18, 2015Updated 10 years ago
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
• federicodotta / Brida

  View on GitHub
  The new bridge between Burp Suite and Frida!
  ☆1,865Oct 30, 2025Updated 5 months ago
• AndroBugs / AndroBugs_Framework

  View on GitHub
  AndroBugs Framework is an efficient Android vulnerability scanner that helps developers or hackers find potential security vulnerabilitie…
  ☆1,220Apr 24, 2019Updated 6 years ago
• cujanovic / SSRF-Testing

  View on GitHub
  SSRF (Server Side Request Forgery) testing resources
  ☆2,485Oct 12, 2024Updated last year
• tijme / angularjs-csti-scanner

  View on GitHub
  Automated client-side template injection (sandbox escape/bypass) detection for AngularJS v1.x.
  ☆325Oct 20, 2021Updated 4 years ago
• nettitude / xss_payloads

  View on GitHub
  Exploitation for XSS
  ☆730Aug 5, 2021Updated 4 years ago
• dpnishant / appmon

  View on GitHub
  Documentation:
  ☆1,623May 1, 2023Updated 2 years ago
• CvvT / AppTroy

  View on GitHub
  An Online Analysis System for Packed Android Malware
  ☆107Jul 28, 2016Updated 9 years ago
• michalkoczwara / AutoLocalPrivilegeEscalation

  View on GitHub
  An automated script that download potential exploit for linux kernel from exploitdb, and compile them automatically
  ☆24Apr 30, 2016Updated 9 years ago
• GDSSecurity / Jetleak-Testing-Script

  View on GitHub
  Script to test if a server is vulnerable to the JetLeak vulnerability
  ☆144Jul 1, 2016Updated 9 years ago
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• jhaddix / domain

  View on GitHub
  Setup script for Regon-ng
  ☆939Nov 17, 2020Updated 5 years ago
• juliocesarfort / crossdomainer

  View on GitHub
  Flash crossdomain policy security checker
  ☆26Oct 3, 2015Updated 10 years ago
• securitytest3r / frida-ios-app-patching

  View on GitHub
  ☆31Feb 10, 2020Updated 6 years ago
• irsdl / updated-SWFIntruder

  View on GitHub
  Updated version of SWFIntruder
  ☆27Aug 16, 2016Updated 9 years ago
• muellerberndt / android_app_security_checklist

  View on GitHub
  Android App Security Checklist
  ☆890Aug 27, 2022Updated 3 years ago
• maK- / parameth

  View on GitHub
  This tool can be used to brute discover GET and POST parameters
  ☆1,393Aug 24, 2019Updated 6 years ago
• netbiosX / Pentest-Bookmarks

  View on GitHub
  Database of websites for penetration testing
  ☆183Jan 15, 2020Updated 6 years ago
• lc / hacks

  View on GitHub
  Repo of useful scripts
  ☆104Jun 30, 2020Updated 5 years ago
• nccgroup / LazyDroid

  View on GitHub
  bash script to facilitate some aspects of an Android application assessment
  ☆159Sep 9, 2021Updated 4 years ago
• Serverless GPU API endpoints on Runpod - Bonus Credits • Ad
  Skip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
• nccgroup / house

  View on GitHub
  A runtime mobile application analysis toolkit with a Web GUI, powered by Frida, written in Python.
  ☆1,461Jun 3, 2021Updated 4 years ago
• tcstool / Fireaway

  View on GitHub
  Next Generation Firewall Audit and Bypass Tool
  ☆266Apr 24, 2017Updated 8 years ago
• mirfansulaiman / Command-Mobile-Penetration-Testing-Cheatsheet

  View on GitHub
  Mobile penetration testing android & iOS command cheatsheet
  ☆384Jan 29, 2026Updated 2 months ago
• payatu / diva-android

  View on GitHub
  DIVA Android - Damn Insecure and vulnerable App for Android
  ☆1,096May 19, 2023Updated 2 years ago
• darryllane / Bluto-Old

  View on GitHub
  Recon, Subdomain Bruting, Zone Transfers
  ☆229Aug 2, 2016Updated 9 years ago
• bugbountyforum / XSS-Radar

  View on GitHub
  ☆332Jan 8, 2018Updated 8 years ago
• devoteam-cybertrust / friOS

  View on GitHub
  iOS Frida Scripts
  ☆37Oct 2, 2017Updated 8 years ago