上传   管理   搜索   留言
Pudn.com > 下载中心  > 调试/Bug  > MOBILEAPP_PENTESTING_101
MOBILEAPP_PENTESTING_101
hacktoberfest 
去下载(0) 赞(24) 踩(0) 评论(0) 收藏(0)
所属分类:调试/Bug
开发工具:Shell
文件大小:0KB
下载次数:0
上传日期:2023-10-11 05:25:38
上 传 者sh-1993
说明:  移动式预测试101,,
(MOBILEAPP PENTESTING 101,,)
文件列表:
ANDROID/ (0, 2023-10-16)
ANDROID/Android App 101/ (0, 2023-10-16)
ANDROID/Android App 101/Android Exploits 101.pdf (789436, 2023-10-16)
ANDROID/Android Exploitation/ (0, 2023-10-16)
ANDROID/CVE-2020-0096-StrandHogg/ (0, 2023-10-16)
ANDROID/OPEN_FIREBASE_EXPLOIT/ (0, 2023-10-16)
ANDROID/OPEN_FIREBASE_EXPLOIT/firebaseexploit.py (223, 2023-10-16)
ANDROID/SSL_CERT_INSTALLER_ANDROID7+/ (0, 2023-10-16)
ANDROID/SSL_CERT_INSTALLER_ANDROID7+/install.sh (451, 2023-10-16)
ANDROID/SSL_Pinning_Bypass/ (0, 2023-10-16)
Android - SSL-Pinning.pdf (954674, 2023-10-16)
PDF/ (0, 2023-10-16)
PDF/Android - SSL-Pinning.pdf (954674, 2023-10-16)
PDF/Mobile App Hackers Handbook.pdf (12541165, 2023-10-16)
PDF/Mobile-Security-Testing-Guide.pdf (25099974, 2023-10-16)
PDF/Mobile_Hacking_Android_cheatsheet_v0.1.pdf (323952, 2023-10-16)
PDF/Mobile_Hacking_iOS_cheatsheet_v0.1.pdf (287259, 2023-10-16)
PDF/iOS Application Security The Definitive Guide for Hackers and Developers.pdf (17092997, 2023-10-16)
PDF/iOS Hacking Guide.pdf (11151274, 2023-10-16)
PDF/pentest-report_smartsheriff-2.pdf (416497, 2023-10-16)
PDF/pentest-report_smartsheriff.pdf (1009530, 2023-10-16)
VulnerableApplications/ (0, 2023-10-16)
VulnerableApplications/app.apk (4770231, 2023-10-16)
VulnerableApplications/diva-beta.apk (1502294, 2023-10-16)
VulnerableApplications/periscope_1.25.5.93.apk (18368933, 2023-10-16)
VulnerableApplications/vulnwebview.apk (4770231, 2023-10-16)
# MOBILEAPP_PENTESTING_101 ## EXPLOITS & LEARNING MATERIALS ### *Learning Materials* - [Android Application Security Series by Aditya Agrawal](https://manifestsecurity.com/android-application-security/) - [Tips for Mobile Bug Bounty Hunting](https://ivrodriguez.com/tips-for-mobile-bug-bounty-hunting/) - [THE MOBILE APPLICATION HACKER'S HANDBOOK](https://github.com/mohammedshine/MOBILEAPP_PENTESTING_101/blob/master/PDF/Mobile%20App%20Hackers%20Handbook.pdf) - [iOS Application Security: The Definitive Guide for Hackers and Developers]() - [Awesome-android-security](https://github.com/saeidshirazi/awesome-android-security) - [Cracking Damn Insecure and Vulnerable App (DIVA)](https://resources.infosecinstitute.com/cracking-damn-insecure-and-vulnerable-apps-diva-part-1/#gref) - [From checkra1n to Frida: iOS App Pentesting Quickstart on iOS 13](https://spaceraccoon.dev/from-checkra1n-to-frida-ios-app-pentesting-quickstart-on-ios-13) - [Twitter Thread by Baptiste Robert](https://twitter.com/fs0c131y/status/1129680329994907648) - [ANDROID HACKING CHEATSHEET BY RANDORISEC](https://github.com/mohammedshine/MOBILEAPP_PENTESTING_101/blob/master/PDF/Mobile_Hacking_Android_cheatsheet_v0.1.pdf) - [iOS HACKING CHEATSHEET BY RANDORISEC](https://github.com/mohammedshine/MOBILEAPP_PENTESTING_101/blob/master/PDF/Mobile_Hacking_iOS_cheatsheet_v0.1.pdf) - [Damn Vulnerable iOS App solutions](http://highaltitudehacks.com/2015/04/03/damn-vulnerable-ios-app-solutions-free-for-download/) - [HOW2HACK - GET STARTED HACKING MOBILE](https://www.hackerone.com/blog/How-to-Hack-Get-Started-Hacking-Mobile) - [INTRODUCTION TO ANDROID HACKING BY @0XTEKNOGEEK](https://www.hackerone.com/blog/androidhackingmonth-intro-to-android-hacking) - [Q&A WITH ANDROID HACKER BAGIPRO](https://www.hackerone.com/blog/AndroidHackingMonth-qa-with-bagipro) - [HACKER0x01](https://www.hacker101.com/sessions/mobile_crash_course.html) - [Hacker101 - Mobile Hacking Crash Course](https://www.youtube.com/watch?v=hKF89TXttnw) - https://www.youtube.com/watch?v=KxOGyuGq0Ts - [Hacker101 - Android Quickstart](https://www.youtube.com/watch?v=y0O3sCX9ftM) - [Mobile Pentesting with Frida](https://drive.google.com/file/d/1JccmMLi6YTnyRrp_rk6vzKrUX3oXK_Yw/view?usp=drive_open) - [Awesome POC](https://blog.securitybreached.org/2020/02/19/hacking-sms-api-service-provider-of-a-company-android-app-static-security-analysis-bug-bounty-poc/) - https://www.youtube.com/watch?v=hKF89TXttnw - https://www.youtube.com/watch?v=y0O3sCX9ftM - https://github.com/riddhi-shree/nullCommunity/tree/master/Android - [Frida.ppt](https://drive.google.com/file/d/1JccmMLi6YTnyRrp_rk6vzKrUX3oXK_Yw/view?usp=drive_open) - https://github.com/leonjza/frida-boot/blob/master/slides/frida-boot%20%F0%9F%91%A2.pdf - [Android App Reverse Engineering 101](https://maddiestone.github.io/AndroidAppRE/) - [MSTG](https://mobile-security.gitbook.io/mobile-security-testing-guide/) - [TESLA-POC](https://www.anquanke.com/post/id/218396) - https://mobisec.reyammer.io/ - [Practical Mobile app Attacks by Example Workshop-A7](https://www.youtube.com/watch?v=8TaPmsaaQgY) - [BruCON 0x08 – Smart Sheriff, Dumb Idea. – Abraham Aranguren & Fabian Fssler](https://www.youtube.com/watch?v=AbGX67CuVBQ) - [How to bypass Android certificate pinning and intercept SSL traffic](https://vavkamil.cz/2019/09/15/how-to-bypass-android-certificate-pinning-and-intercept-ssl-traffic/) - [An Android Hacking Primer](https://medium.com/swlh/an-android-hacking-primer-3390fef4e6a0) - [Android Hacking VirSecCon2020 talk](https://www.youtube.com/watch?v=mr64si_-YwI) - [Android App Penetration Testing 101](https://www.youtube.com/watch?v=2uwhrfXCl4I) - [Vulnerabilities of mobile OAuth 2.0 by Nikita Stupin](https://www.youtube.com/watch?v=vjCF_O6aZIg) - [Advanced Android Bug Bounty skills - Ben Actis, Bugcrowd's LevelUp 2017](https://www.youtube.com/watch?v=OLgmPxTHLuY) - [Introduction to Mobile Seciruty Testing [PDF]](https://lnkd.in/g2TJxsH) - [Mediafire_POC](https://bugbountypoc.com/mediafire-andriod-app-leaking-sensitive-user-data/) - [Android Application Pentest Guide](https://lnkd.in/gyQbExg) - https://www.youtube.com/watch?v=QxRy9sVUMQU - [Mobile App Security Testing](https://lnkd.in/gwwpqfH) - [Android Mobile Hacking Workshop slides [2020]](https://lnkd.in/gQF9HQe) - [Cryptography in Mobile Apps](http://bit.do/cryp-PT) - [List of Tools / Scanners / Labs](https://lnkd.in/gmQhQuN) - [Vulnerable APK's for practice](https://lnkd.in/gzq-HUc) - [Mobilepentesting and bughunting](https://youtu.be/B-Kce0rZYAs) - [Android SSL Pinning Bypass for Bug Bounties & Penetration Testing](https://www.youtube.com/watch?v=ENyEcwLaz-A) - [Mobilepentesting and bughunting](https://youtu.be/B-Kce0rZYAs) - [DeepLinks](https://hackerone.com/reports/855618) - [Deeplinks1](https://dphoeniixx.medium.com/exploiting-request-forgery-on-mobile-applications-e1d196d187b3) - [Android webview exploitation](http://www.nuckingfoob.me/android-webview-csp-iframe-sandbox-bypass/index.html) - [Checklist](https://blog.softwaroid.com/2020/05/02/android-application-penetration-testing-bug-bounty-checklist/?preview=true&_thumbnail_id=101) - [Farah Hawa-SAST](https://www.youtube.com/watch?v=a8Gh7d8GebA) - [Android App Hacking Workshop](https://bughunters.google.com/learn/presentations/5783688075542528) - [Strandhogg](https://www.youtube.com/watch?v=yI0Xh5Oc0x4) - [android-security-awesome](https://github.com/ashishb/android-security-awesome) # POC - [Android Reports and Resources](https://github.com/B3nac/Android-Reports-and-Resources) - [A New Way Of Brute force Passcode/Pin Protection By deep link](https://negativewives.blogspot.com/2020/04/a-new-way-of-brute-force-passcodepin.html) - [Exploitation of Improper Export of Activities In Android Application](https://negativewives.blogspot.com/2020/04/improper-export-of-activities-in.html) - [Passcode Protection Bypass By Brute Forcing On zoho](https://negativewives.blogspot.com/2020/04/passcode-protection-bypass-by-brute.html) - [IDOR leading to downloading of any attachment](https://hackerone.com/reports/668439) - [IOS 11.4 Siri Auth Bypass | CVE-2018-4238](https://blog.securitybreached.org/2018/05/22/ios-11-4-authentication-bug-siri-cve-2018-4238/)https://blog.oversecured.com/Android-Access-to-app-protected-components/ - [Access-to-app-protected-components](https://blog.oversecured.com/Android-Access-to-app-protected-components/) - [Jailbreak for iOS 15.0 - 15.4.1, A12 and up] {https://ios.cfw.guide/installing-dopamine/} - [Strandhogg](https://github.com/lucasnlm/strandhogg) - [Rooting Pixel 5 and Bypassing Root Detection using Magisk](https://fury1337.notion.site/How-to-Root-Pixel-5-Bypass-Root-Detection-Safety-net-VA-PT_ISMS-b87fe53770fb49848f33b1dd3803129c) # TOOLS - [B3NAC](https://github.com/nahamsec/Resources-for-Beginner-Bug-Bounty-Hunters/blob/master/assets/tools.md#mobile-hacking) - [Sensepost](https://www.youtube.com/channel/UCeSBNDhEqcQSfeR8LEcD-NA/videos) - [Objection](https://github.com/sensepost/objection) - [MobSF](https://github.com/MobSF/Mobile-Security-Framework-MobSF) - [GplayCLT](https://github.com/matlink/gplaycli) - [ADB](https://adbshell.com/commands/adb-install) - [HttpToolKit](https://httptoolkit.tech/) - [reFlutter](https://github.com/Impact-I/reFlutter) - [Magisk](https://github.com/topjohnwu/Magisk/releases) - [Androset](https://github.com/Anof-cyber/Androset) # CTF - [InjuredAndroid - CTF](https://github.com/B3nac/InjuredAndroid) - [CyberTruckChallenge19](https://github.com/nowsecure/cybertruckchallenge19) - [Reverse Engineering](https://braincoke.fr/blog/2021/03/android-reverse-engineering-for-beginners-dexcalibur/#about-dexcalibur) - [hpandro](https://ctf.hpandro.raviramesh.info/)
近期下载者
相关文件
收藏者

© 联合开发网 from 2004 | 联系站长 | 湘ICP备2023001425号 | 网安备43010502000604 |