OWASP-Ruhrpott / Owasp Workshop Android Pentest
Licence: gpl-3.0
Learning Penetration Testing of Android Applications
Stars: ✭ 60
Programming Languages
java
68154 projects - #9 most used programming language
Projects that are alternatives of or similar to Owasp Workshop Android Pentest
Awesome Hacking Resources
A collection of hacking / penetration testing resources to make you better!
Stars: ✭ 11,466 (+19010%)
Mutual labels: penetration-testing, ctf, owasp
challenges
Security challenges and CTFs created by the Penultimate team.
Stars: ✭ 13 (-78.33%)
Mutual labels: challenge, ctf
Whatweb
Next generation web scanner
Stars: ✭ 3,503 (+5738.33%)
Mutual labels: penetration-testing, owasp
juice-shop
OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
Stars: ✭ 7,533 (+12455%)
Mutual labels: owasp, ctf
juice-shop-ctf
Capture-the-Flag (CTF) environment setup tools for OWASP Juice Shop supporting CTFd, FBCTF and RootTheBox
Stars: ✭ 287 (+378.33%)
Mutual labels: owasp, ctf
Fdsploit
File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.
Stars: ✭ 199 (+231.67%)
Mutual labels: penetration-testing, owasp
Vulnhub Ctf Writeups
This cheasheet is aimed at the CTF Players and Beginners to help them sort Vulnhub Labs. This list contains all the writeups available on hackingarticles.
Stars: ✭ 368 (+513.33%)
Mutual labels: penetration-testing, ctf
Stegcracker
Steganography brute-force utility to uncover hidden data inside files
Stars: ✭ 396 (+560%)
Mutual labels: penetration-testing, ctf
Juice Shop
OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
Stars: ✭ 6,270 (+10350%)
Mutual labels: ctf, owasp
avast-ctf-cambridge-2018
🎖 A complete write-up of the Avast challenge given at Hack Cambridge 2018
Stars: ✭ 16 (-73.33%)
Mutual labels: challenge, ctf
Resources-for-Application-Security
Some good resources for getting started with application security
Stars: ✭ 97 (+61.67%)
Mutual labels: owasp, ctf
Wstg
The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
Stars: ✭ 3,873 (+6355%)
Mutual labels: penetration-testing, owasp
ggtfobins
Get GTFOBins info about a given exploit from the command line
Stars: ✭ 27 (-55%)
Mutual labels: penetration-testing, ctf
Awesome Ethical Hacking Resources
🔗 All the resources I could find for learning Ethical Hacking and Penetration Testing.
Stars: ✭ 933 (+1455%)
Mutual labels: penetration-testing, owasp
Oscp Pentest Methodologies
备考 OSCP 的各种干货资料/渗透测试干货资料
Stars: ✭ 166 (+176.67%)
Mutual labels: penetration-testing, ctf
Zap Cli
A simple tool for interacting with OWASP ZAP from the commandline.
Stars: ✭ 166 (+176.67%)
Mutual labels: penetration-testing, owasp
owasp-workshop-android-pentest
Learning Penetration Testing of Android Applications
How to start with Android Application Pentesting?
The should be very easy. We configured two virtual machines with all tools you need here:
-
https://drive.google.com/open?id=0BwhtuArcTcxMWlhvTW5SYkFsbWc
-
OWASP Android VM.ova- Android 5 VM for the Android App Pentest Workshop (SHA256 236917e4953af0b336f373e72e63946a96ade543107f32acf88df12d9e79755a) -
OWASP Ruhrpott.ova- Ubuntu based VM for the OWASP Android App Pentest Workshop (SHA256 419e7161172b8270cc2c83f7957a4311b57a63f5229cac4d082c4fec6007dd59)
-
Requirements
The following are hardware and software recommendations:
- Linux / Windows / Mac Operating System
- Oracle VirtualBox (in a recent version)
- 25 GB of storage on your hard drive
- >4 GB RAM
Setup
- After you downloaded the two VMs import them in VirtualBox via
File -> Import Appliance .... - Configure the the DHCP of VirtualBox to allow configure the internal network:
VBoxManage dhcpserver add --netname intnet --ip 10.13.13.100 --netmask 255.255.255.0 --lowerip 10.13.13.101 --upperip 10.13.13.254 --enable
- Start the Android VM first and wait until it is booted, this ensures that the it will have the IP
10.13.13.101. (PIN: 0000) - Start the OWASP VM. It will should have the IP
10.13.13.102. (pentester:owasp2017) - You are now ready to start with the challenges.
Workshops
This repository was used in previous Workshops and the following table is used to reference them:
| What | Where | When | Slides | Link |
|---|---|---|---|---|
| OWASP Stammtisch Ruhrpott | Essen, Germany | 31.01.17 | Slides | Wiki |
| OWASP Stammtisch Ruhrpott | Essen, Germany | 04.03.17 | Slides | Wiki |
| SHA2017 | Zeewolde, Netherlands | 05.08.17 | Slides | Link |
It would be nice if you give us a small notice, when you are doing a workshop with our project so we can reference it here.
Contribute
You can contribute via a pull request or an issue with a bug or a feature request. Please keep in mind that we are developing this project in our free time so a response might take some time. To contribute with challenges see the CONTRIBUTING.md file.
Solutions
In the case you are get stuck with a challenge, see the wiki for hints.
Note that the project description data, including the texts, logos, images, and/or trademarks,
for each open source project belongs to its rightful owner.
If you wish to add or remove any projects, please contact us at [email protected].