Vulnerable Android application for developers and security researchers to learn about Android penetration testing/ bug bounty hunting. Updated to run with Python 3.
-
Updated
Jan 2, 2022 - Java
A bug bounty program is a deal offered by many websites, organizations and software developers by which individuals can receive recognition and compensation for reporting bugs, especially those pertaining to security exploits and vulnerabilities.
Vulnerable Android application for developers and security researchers to learn about Android penetration testing/ bug bounty hunting. Updated to run with Python 3.
extract social media accounts and check if possible to hijacking
Some useful files for upload features pentesting
Buggyapp is an vulnerable android application. This app can be used by pentesters, security researchers to practice Android application pentesting. This is build for beginners to learn basics about Android application pentesting
A handy plugin for copying requests/responses directly from Burp, some extra magic included.
Burp Extension for BFAC (Advanced Backup-File Artifacts Testing for Web-Applications)
A BurpSuite extension for vulnerability Scanning
Hello, Attack Surface Scan, BurpSuite完全被动扫描插件,不主动发送任何请求,适合挂机使用。
Burpsuite Plugin to detect Directory Traversal vulnerabilities
auto decrypt the request ciphertext and auto bypass the signature of the API. 针对数据包加密、签名保护的安全测试场景,借助burp插件自动解密数据包密文,自动绕过接口的签名保护,最后借助密文数据天然过waf的优势结合Xray等漏扫工具完成半自动的安全测试
Text4Shell的burp被动扫描插件
使用java编写的CRLF-Injection-burp被动扫描插件
Intentionally vulnerable Android application.
This Burp Suite extension allows for the automatic creation and deletion of an upstream SOCKS5 proxy on popular cloud services.
🐱💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks
Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules through a very intuitive graphical interface.