sh4hin/MobileApp-Pentest-Cheatsheet external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

sh4hin/MobileApp-Pentest-Cheatsheet

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/sh4hin/MobileApp-Pentest-Cheatsheet)

Close

sh4hin / MobileApp-Pentest-CheatsheetView on GitHubMore

• External links
• Readme badge

The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application penetration testing topics.

☆295Feb 2, 2018Updated 8 years ago

Alternatives and similar repositories for MobileApp-Pentest-Cheatsheet

Users that are interested in MobileApp-Pentest-Cheatsheet are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• sh4hin / Androl4b

  View on GitHub
  A Virtual Machine For Assessing Android applications, Reverse Engineering and Malware Analysis
  ☆1,159May 31, 2023Updated 3 years ago
• tanprathan / MobileApp-Pentest-Cheatsheet

  View on GitHub
  The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application pen…
  ☆5,203Feb 8, 2024Updated 2 years ago
• 1ultimat3 / BadIntent

  View on GitHub
  Intercept, modify, repeat and attack Android's Binder transactions using Burp Suite
  ☆323Aug 20, 2017Updated 8 years ago
• ReversecLabs / needle

  View on GitHub
  The iOS Security Testing Framework
  ☆1,395Oct 25, 2020Updated 5 years ago
• logicalhacking / DVHMA

  View on GitHub
  Damn Vulnerable Hybrid Mobile App (DVHMA) is an hybrid mobile app (for Android) that intentionally contains vulnerabilities.
  ☆270Aug 22, 2018Updated 7 years ago
• Managed Kubernetes at scale on DigitalOcean • Ad
  DigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
• tomdev / teh_s3_bucketeers

  View on GitHub
  ☆277Oct 19, 2021Updated 4 years ago
• pathetiq / BurpSmartBuster

  View on GitHub
  A Burp Suite content discovery plugin that add the smart into the Buster!
  ☆379Oct 12, 2020Updated 5 years ago
• Fuzzapi / fuzzapi

  View on GitHub
  Fuzzapi is a tool used for REST API pentesting and uses API_Fuzzer gem
  ☆666Feb 25, 2021Updated 5 years ago
• glennzw / shodan-hq-nse

  View on GitHub
  Shodan HQ nmap plugin - passively scan targets
  ☆157Mar 14, 2016Updated 10 years ago
• moloch-- / CSP-Bypass

  View on GitHub
  A Burp Plugin for Detecting Weaknesses in Content Security Policies
  ☆167May 19, 2023Updated 3 years ago
• anshumanbh / brutesubs

  View on GitHub
  An automation framework for running multiple open sourced subdomain bruteforcing tools (in parallel) using your own wordlists via Docker …
  ☆259Aug 22, 2021Updated 4 years ago
• hahwul / droid-hunter

  View on GitHub
  (deprecated) Android application vulnerability analysis and Android pentest tool
  ☆309Nov 6, 2018Updated 7 years ago
• nccgroup / wssip

  View on GitHub
  Application for capturing, modifying and sending custom WebSocket data from client to server and vice versa.
  ☆451Dec 8, 2022Updated 3 years ago
• strozfriedberg / xxe-recursive-download

  View on GitHub
  ☆230Nov 18, 2015Updated 10 years ago
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• federicodotta / Brida

  View on GitHub
  The new bridge between Burp Suite and Frida!
  ☆1,878Oct 30, 2025Updated 7 months ago
• AndroBugs / AndroBugs_Framework

  View on GitHub
  AndroBugs Framework is an efficient Android vulnerability scanner that helps developers or hackers find potential security vulnerabilitie…
  ☆1,220Apr 24, 2019Updated 7 years ago
• cujanovic / SSRF-Testing

  View on GitHub
  SSRF (Server Side Request Forgery) testing resources
  ☆2,498Oct 12, 2024Updated last year
• tijme / angularjs-csti-scanner

  View on GitHub
  Automated client-side template injection (sandbox escape/bypass) detection for AngularJS v1.x.
  ☆324Oct 20, 2021Updated 4 years ago
• dpnishant / appmon

  View on GitHub
  Documentation:
  ☆1,622May 1, 2023Updated 3 years ago
• nettitude / xss_payloads

  View on GitHub
  Exploitation for XSS
  ☆736Aug 5, 2021Updated 4 years ago
• CvvT / AppTroy

  View on GitHub
  An Online Analysis System for Packed Android Malware
  ☆108Jul 28, 2016Updated 9 years ago
• michalkoczwara / AutoLocalPrivilegeEscalation

  View on GitHub
  An automated script that download potential exploit for linux kernel from exploitdb, and compile them automatically
  ☆24Apr 30, 2016Updated 10 years ago
• GDSSecurity / Jetleak-Testing-Script

  View on GitHub
  Script to test if a server is vulnerable to the JetLeak vulnerability
  ☆144Jul 1, 2016Updated 9 years ago
• Deploy on Railway without the complexity - Free Credits Offer • Ad
  Connect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
• jhaddix / domain

  View on GitHub
  Setup script for Regon-ng
  ☆941Nov 17, 2020Updated 5 years ago
• juliocesarfort / crossdomainer

  View on GitHub
  Flash crossdomain policy security checker
  ☆26Oct 3, 2015Updated 10 years ago
• securitytest3r / frida-ios-app-patching

  View on GitHub
  ☆31Feb 10, 2020Updated 6 years ago
• irsdl / updated-SWFIntruder

  View on GitHub
  Updated version of SWFIntruder
  ☆27Aug 16, 2016Updated 9 years ago
• muellerberndt / android_app_security_checklist

  View on GitHub
  Android App Security Checklist
  ☆894Aug 27, 2022Updated 3 years ago
• maK- / parameth

  View on GitHub
  This tool can be used to brute discover GET and POST parameters
  ☆1,395Aug 24, 2019Updated 6 years ago
• netbiosX / Pentest-Bookmarks

  View on GitHub
  Database of websites for penetration testing
  ☆184Jan 15, 2020Updated 6 years ago
• lc / hacks

  View on GitHub
  Repo of useful scripts
  ☆103Jun 30, 2020Updated 5 years ago
• nccgroup / LazyDroid

  View on GitHub
  bash script to facilitate some aspects of an Android application assessment
  ☆159Sep 9, 2021Updated 4 years ago
• Virtual machines for every use case on DigitalOcean • Ad
  Get dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
• nccgroup / house

  View on GitHub
  A runtime mobile application analysis toolkit with a Web GUI, powered by Frida, written in Python.
  ☆1,462Jun 3, 2021Updated 5 years ago
• tcstool / Fireaway

  View on GitHub
  Next Generation Firewall Audit and Bypass Tool
  ☆266Apr 24, 2017Updated 9 years ago
• mirfansulaiman / Command-Mobile-Penetration-Testing-Cheatsheet

  View on GitHub
  Mobile penetration testing android & iOS command cheatsheet
  ☆384Jan 29, 2026Updated 4 months ago
• payatu / diva-android

  View on GitHub
  DIVA Android - Damn Insecure and vulnerable App for Android
  ☆1,112May 19, 2023Updated 3 years ago
• darryllane / Bluto-Old

  View on GitHub
  Recon, Subdomain Bruting, Zone Transfers
  ☆230Aug 2, 2016Updated 9 years ago
• bugbountyforum / XSS-Radar

  View on GitHub
  ☆334Jan 8, 2018Updated 8 years ago
• devoteam-cybertrust / friOS

  View on GitHub
  iOS Frida Scripts
  ☆37Oct 2, 2017Updated 8 years ago