Lists (8)
Starred repositories
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static aβ¦
The Leading Security Assessment Framework for Android.
π± objection - runtime mobile exploration
Tool to look for several security related Android application vulnerabilities
A tool for reverse engineering Android apk files
A script to extract potentially sensitive files (like .env, .json, .db, etc.) from APKs or decompiled APK folders to organized directories for analysis.
An OSINT tool to quickly extract IP and URL endpoints from APKs by disassembling and decompiling
A command-line tool for downloading APK files from various sources
Web Cache Vulnerability Scanner is a Go-based CLI tool for testing for web cache poisoning. It is developed by Hackmanit GmbH (http://hackmanit.de/).
A Burp Extension to test applications for vulnerability to the Web Cache Deception attack
**A powerful, offline, single-file HTML tool designed for developers and security researchers to inspect and analyze JavaScript Source Map (`.js.map`) files.**
π An HTTP inspector for Android & OkHTTP (like Charles but on device)
Simple XSS vulnerability checker tool very useful with xsschecker.
Burp Suite extension that offers a toolkit for testing GraphQL endpoints.
Fast & user-friendly web change tracking tool.
Self-hosted passive subdomain continous monitoring tool.
Extract uncompiled, uncompressed SPA code from Webpack source maps.
A tool for inspecting and analyzing mobile application storage files.
A lightweight Python-based tool to extract and enumerate Android components and automatically generate practical ADB commands
Generate Frida bypass scripts for Android APK root and SSL checks.
JWT Auditor β Analyze, break, and understand your tokens like a pro.
A OWASP Based Checklist With 80+ Test Cases
GQLSpection - parses GraphQL introspection schema and generates possible queries
Scanning APK file for URIs, endpoints & secrets.
This tool will check for Sensitive Data Leakage with some useful patterns/RegEx. The patterns are mostly targeted on waybackdata and filter everything accordingly.