Dynamic analysis scripts for Android apps using Frida. Monitor and log method behaviors in real-time
-
Updated
Sep 24, 2023 - JavaScript
Dynamic analysis scripts for Android apps using Frida. Monitor and log method behaviors in real-time
Proof-Of-Concept of time-based username enumeration. This happens due to the time it costs to process a hash in the backend server and is often ignored or forgotten in audits.
A set of scripts to facilitate HTTP interception on mobile apps
Firefox extension to check the presence of HTTP Security Headers and the implementation of the Subresource Integrity (SRI).
A collection of utility scripts leveraging the Corellium API and designed to facilitate mobile pentesting.
Personal InfoSec blog
Enumerate and exfiltrate files via out of band XXE, for situations where resolved entity is not displayed in the response, and directory listing is not available.
Useful notes about Web Application Security for Pentest/CTF/Redteaming. Thank you for your support.
One of the best extensions for Pentesters, the Hackbar, now in Firefox Quantum, but improved by 1000%, more features, more compact and visually remodeled.
A simple Node.js reverse shell useful for pentest ops
Simple and vulnerable NodeJS app prone to Cross-Site Scripting (XSS)
Pentest Reconnaissance Tool in Javascript based on Ricardo Longatto version.
This HTML file creates a CSRF PoC form to any HTTP request.
Weaponize.it is your go-to resource for gaining insights into pentesting, bug bounty hunting, and scripting.
Cosmos Market Apps Build By TinyActive
⭐⭐⭐⭐⭐ 识别网站上使用的技术和组件,收集网站上泄露的敏感信息。
Add a description, image, and links to the pentest topic page so that developers can more easily learn about it.
To associate your repository with the pentest topic, visit your repo's landing page and select "manage topics."