Stars
A collection of android security related resources
Vulnerable Android application for developers and security enthusiasts to learn about Android insecurities
The Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes the technical processes for verifying the contr…
"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.
GoldenEye Layer 7 (KeepAlive+NoCache) DoS Test Tool
🔍 erroreyes – Lightweight Subdomain Enumeration Tool A Python-based tool that queries crt.sh certificate logs to discover subdomains associated with a target domain. Perfect for security researcher…
🛰️ Represent any GraphQL API as an interactive graph
InQL is a robust, open-source Burp Suite extension for advanced GraphQL testing, offering intuitive vulnerability detection, customizable scans, and seamless Burp integration.
GraphQLmap is a scripting engine to interact with a graphql endpoint for pentesting purposes. - Do not use for illegal testing ;)
A curated list of amazingly awesome Burp Extensions
Mining URLs from dark corners of Web Archives for bug hunting/fuzzing/further probing
The fastest and complete solution for domain recognition. Supports screenshoting, port scan, HTTP check, data import from other tools, subdomain monitoring, alerts via Discord, Slack and Telegram, …
Prevents you from committing secrets and credentials into git repositories
The OSINT project, the main idea of which is to collect all the possible Google dorks search combinations and to find the information about the specific web-site: common admin panels, the widesprea…
An OOB interaction gathering server and client library
Convolutional neural network for analyzing pentest screenshots
🔍 gowitness - a golang, web screenshot utility using Chrome Headless
EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.
Burpsuite Extension to bypass 403 restricted directory
The recursive internet scanner for hackers. 🧡
A big list of Android Hackerone disclosed reports and other resources.
An advanced JWT extraction & decoding tool for bug bounty hunters! 🏴☠️
Awesome information for WebSockets security research