The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application penetration testing topics.
I think is a great resource add a section about most common vulnerabilities like OWASP Mobile Top 10 and MITRE ATT&CK (Mobile section) to learn about this.
Drozer link doesn't work. I think the new link should be https://github.com/FSecureLABS/drozer
Just for info => https://github.com/ashishb/android-security-awesome could be mentioned somehow.
adb shell
tcpdump -s 0 -w - | nc -l -p 4444 #in android phone
adb forward tcp:4444 tcp:4444
nc localhost 4444 | sudo wireshark -k -S -i wlan1
Where wlan1 is being tethered to my current rooted android phone
Can I confirm if the following steps are correct?
Canape is not maintained anymore in its current form. The Last known version (which might get updated) resides on https://github.com/ctxis/Canape
There is a rewrite of the Core, but the UI only exists in the old version.
Hi,
There is a new tool called Ipanema for application security assessment: https://dev.hackercat.ninja/hcninja/ipanema
Could you add it, please?
should consider to add https://github.com/mwrlabs/needle to the iOS list of tools
any advice for learning android penetration testing?
I suggest adding some tutorial or some labs like GoatDroid, ANDRILL,... in your cheat sheet. tnx
Hello, we have indexd this cheat sheet to awesome-cheatsheet
Thank You !!! ๐ ๐ ๐
Recommend to add Fridpa as a part of iOS Application Penetration Testing
What about adding https://github.com/MobileForensicsResearch/mem ?
It's a great tool for extracting memory from an Android device. It's very trivial to install and use.
Hi,
I noticed that in "Android Application Penetration Testing", under "Reverse Engineering and Static Analysis", the section about FindBugs is outdated since that project has not been updated in the last 5 years. However, a new project called SpotBugs which aims to continue the old one (and FindSecBugs is updated to the new one as well).
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
Django
The Web framework for perfectionists with deadlines.
Laravel
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft
Open source projects and samples from Microsoft.
Google
Google โค๏ธ Open Source for everyone.
Alibaba
Alibaba Open Source for everyone
D3
Data-Driven Documents codes.
Tencent
China tencent open source team.
