tanprathan / owasp-mstg
The Mobile Security Testing Guide (MSTG) is a manual for testing the security of mobile apps. It describes technical processes for verifying the controls listed in the OWASP Mobile Application Verification Standard (MASVS). The MSTG is meant to provide a baseline set of test cases for black-box and white-box security tests, and to help ensure c…
☆33Updated 7 years ago
Related projects ⓘ
Alternatives and complementary repositories for owasp-mstg
- List of Google Dorks for sites that have responsible disclosure program / bug bounty program☆19Updated 5 years ago
- Recon_profile☆36Updated 4 years ago
- Automated reconnaissance wrapper — TomNomNom's meg on steroids.☆30Updated 6 years ago
- SSLScrape | A scanning tool for scaping hostnames from SSL certificates.☆43Updated 5 years ago
- ☆36Updated 5 years ago
- Now use your favorite Google Dorks techniques to find vulnerabilities and earn Bounties.☆31Updated 4 years ago
- A listing of the most common vuln that you can link in your PoCs☆27Updated 6 years ago
- Penetration Testing Checklist☆35Updated 4 years ago
- ☆57Updated last year
- In-depth DNS Enumeration and Network Mapping☆33Updated 5 years ago
- Bash script to automate Bug Bounty Reconnaissance☆37Updated 3 years ago
- Reestructured LemonBooster.☆44Updated 3 months ago
- Inspired by https://github.com/djadmin/awesome-bug-bounty, a list of bug bounty write-up that is categorized by the bug nature☆36Updated 7 years ago
- Instant access to you bug bounty submission dashboard on various platforms + publicly disclosed reports + #bugbountytip☆20Updated 4 years ago
- Handy bash and python scripts for bug bounty hunting!☆47Updated 3 years ago
- A simple Cherry Tree template that can be used to organize bug bounties☆34Updated 5 years ago
- This script is intended to automate your reconnaissance process in an organized fashion☆38Updated 6 years ago
- Portable and flexible web application security assessment tool.It parses Burp Suite log and performs various tests depending on the modul…☆33Updated 9 years ago
- Ease-of-use extension for Web Application penetration testing☆21Updated 7 years ago
- This repo hosts multiple codes, content, checklists etc which can help a penetration tester in a web application auditing.☆21Updated last year
- Offsec Pentest and Bug Bounty Notes☆23Updated 4 years ago
- API Pentesting notes.☆96Updated last week
- "Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.☆36Updated 6 years ago
- Sometimes we want to fuzz a set of sub-domain URLs with a common wordlist. Fuzzing them one by one is a tedious task, not to mention the …☆51Updated 3 years ago
- A python script that finds endpoints in JavaScript files☆42Updated 5 years ago
- This repository contains an example Python API that is vulnerable to several different web API attacks.☆27Updated 5 years ago
- Wheres My Git - Find /.git/config files based on dirs found in home url☆20Updated 2 years ago
- These are my notes for OSCP preparation. Hope you'll find them useful.☆14Updated 5 years ago
- ASN reconnaissance script☆23Updated 4 years ago