AppAuth-OAuth2-Books-DemoA companion repo for the blog article: https://blog.approov.io/adding-oauth2-to-mobile-android-and-ios-clients-using-the-appauth-sdk
Stars: ✭ 22 (-85.53%)
Aproxandroid proxy setting tool
Stars: ✭ 34 (-77.63%)
gsm-assessment-toolkitGSM Assessment Toolkit - A security evaluation framework for GSM networks
Stars: ✭ 60 (-60.53%)
Atfuzzer"Opening Pandora's Box through ATFuzzer: Dynamic Analysis of AT Interface for Android Smartphones" ACSAC 2019
Stars: ✭ 128 (-15.79%)
aquatoneA Tool for Domain Flyovers
Stars: ✭ 43 (-71.71%)
SecuritySome of my security stuff and vulnerabilities. Nothing advanced. More to come.
Stars: ✭ 835 (+449.34%)
CheckoutVerifierVerify your In-App Purchase receipts & protect your Apps from hacking, patching used by Piracy Apps like Lucky Patcher.
Stars: ✭ 48 (-68.42%)
BulwarkAn organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.
Stars: ✭ 113 (-25.66%)
whoofWeb Browser Hooking Framework. Manage, execute and assess web browser vulnerabilities
Stars: ✭ 24 (-84.21%)
StacoanStaCoAn is a crossplatform tool which aids developers, bugbounty hunters and ethical hackers performing static code analysis on mobile applications.
Stars: ✭ 707 (+365.13%)
ObsidianSailboatNmap and NSE command line wrapper in the style of Metasploit
Stars: ✭ 36 (-76.32%)
Web MethodologyMethodology for high-quality web application security testing - https://github.com/tprynn/web-methodology/wiki
Stars: ✭ 142 (-6.58%)
cryptoniceCryptoNice is both a command line tool and library which provides the ability to scan and report on the configuration of SSL/TLS for your internet or internal facing web services. Built using the sslyze API and ssl, http-client and dns libraries, cryptonice collects data on a given domain and performs a series of tests to check TLS configuration…
Stars: ✭ 91 (-40.13%)
Kamus An open source, git-ops, zero-trust secret encryption and decryption solution for Kubernetes applications
Stars: ✭ 694 (+356.58%)
Droid Watcher[OUTDATED & UNSUPPORTED] Droid Watcher - Android Spy Application
Stars: ✭ 103 (-32.24%)
JackhammerJackhammer - One Security vulnerability assessment/management tool to solve all the security team problems.
Stars: ✭ 633 (+316.45%)
Awesome Threat ModellingA curated list of threat modeling resources (Books, courses - free and paid, videos, tools, tutorials and workshops to practice on ) for learning Threat modeling and initial phases of security review.
Stars: ✭ 319 (+109.87%)
Oob ServerA Bind9 server for pentesters to use for Out-of-Band vulnerabilities
Stars: ✭ 125 (-17.76%)
android-webauthn-authenticatorA WebAuthn Authenticator for Android leveraging hardware-backed key storage and biometric user verification.
Stars: ✭ 101 (-33.55%)
vulndb-data-mirrorA simple Java command-line utility to mirror the entire contents of VulnDB.
Stars: ✭ 36 (-76.32%)
nodejssecurityDocumentation for Essential Node.js Security
Stars: ✭ 64 (-57.89%)
Awesome Android SecurityA curated list of Android Security materials and resources For Pentesters and Bug Hunters
Stars: ✭ 506 (+232.89%)
ZaproxyThe OWASP ZAP core project
Stars: ✭ 9,078 (+5872.37%)
BadintentIntercept, modify, repeat and attack Android's Binder transactions using Burp Suite
Stars: ✭ 303 (+99.34%)
PayloadsGit All the Payloads! A collection of web attack payloads.
Stars: ✭ 2,862 (+1782.89%)
awesome-policy-as-codeA curated list of policy-as-code resources like blogs, videos, and tools to practice on for learning Policy-as-Code.
Stars: ✭ 121 (-20.39%)
PidrilaPython Interactive Deepweb-oriented Rapid Intelligent Link Analyzer
Stars: ✭ 125 (-17.76%)
juice-shopOWASP Juice Shop: Probably the most modern and sophisticated insecure web application
Stars: ✭ 7,533 (+4855.92%)
Www CommunityOWASP Community Pages are a place where OWASP can accept community contributions for security-related content.
Stars: ✭ 409 (+169.08%)
PivaaCreated by High-Tech Bridge, the Purposefully Insecure and Vulnerable Android Application (PIVAA) replaces outdated DIVA for benchmark of mobile vulnerability scanners.
Stars: ✭ 71 (-53.29%)
Sast ScanScan is a free & Open Source DevSecOps tool for performing static analysis based security testing of your applications and its dependencies. CI and Git friendly.
Stars: ✭ 234 (+53.95%)
solutions-bwappIn progress rough solutions to bWAPP / bee-box
Stars: ✭ 158 (+3.95%)
Race The WebTests for race conditions in web applications. Includes a RESTful API to integrate into a continuous integration pipeline.
Stars: ✭ 385 (+153.29%)
sample-scan-filesSample scan files for testing DefectDojo imports
Stars: ✭ 60 (-60.53%)
Nist Data MirrorA simple Java command-line utility to mirror the CVE JSON data from NIST.
Stars: ✭ 135 (-11.18%)
Android Sitemap👓 Every link ever to Android Developer site.
Stars: ✭ 61 (-59.87%)
CheatsheetseriesThe OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
Stars: ✭ 19,302 (+12598.68%)
Axploreraxplorer - Android Permission Mappings
Stars: ✭ 68 (-55.26%)
mobilehacktoolsA repository for scripting a mobile attack toolchain
Stars: ✭ 61 (-59.87%)
InjuredandroidA vulnerable Android application that shows simple examples of vulnerabilities in a ctf style.
Stars: ✭ 317 (+108.55%)
SSI Extra MaterialsIn my computer security courses I make extensive usage of cheatsheets for various tools and extra materials to complement the student learning if they are willing to do so. I have decided to share them to enable others to take advantage of them
Stars: ✭ 42 (-72.37%)
CoeusAndroid apk/sdk Scan包括android apk/sdk 安全审计代码扫描以及国内政策扫描
Stars: ✭ 122 (-19.74%)
Cwac SecurityCWAC-Security: Helping You Help Your Users Defend Their Data
Stars: ✭ 294 (+93.42%)
WhatwebNext generation web scanner
Stars: ✭ 3,503 (+2204.61%)
Fingerprint AndroidSwiss army knife for identifying and fingerprinting Android devices.
Stars: ✭ 146 (-3.95%)
KurukshetraKurukshetra - A framework for teaching secure coding by means of interactive problem solving.
Stars: ✭ 131 (-13.82%)
SecurityratOWASP SecurityRAT (version 1.x) - Tool for handling security requirements in development
Stars: ✭ 115 (-24.34%)
PinkmanPINkman is a library to help implementing an authentication by a PIN code in a secure manner. The library derives hash from the user's PIN using Argon2 function and stores it in an encrypted file. The file is encrypted with the AES-256 algorithm in the GCM mode and keys are stored in the AndroidKeystore.
Stars: ✭ 59 (-61.18%)