thisistfs Goto Github PK
Name: Mohammad Hossein Aghaee
Type: User
Bio: Mobile Platform Penetration Tester
Name: Mohammad Hossein Aghaee
Type: User
Bio: Mobile Platform Penetration Tester
Fast and customizable subdomain wordlist generator using DSL
A big list of Android Hackerone disclosed reports and other resources.
This is a curated list of mobile based CTFs, write-ups and vulnerable apps. Most of them are android based due to the popularity of the platform.
Awesome Vulnerable Applications
A graph-based tool for visualizing effective access and resource relationships in AWS environments.
Real Android malware apps discussed in the book
A repository that includes all the important wordlists used while bug hunting.
completely ridiculous API (crAPI)
Damn Vulnerable GraphQL Application is an intentionally vulnerable implementation of Facebook's GraphQL technology, to learn and practice GraphQL Security.
A pattern based Dalvik deobfuscator which uses limited execution to improve semantic analysis
.NET debugger and assembly editor
DOMXSS Scanner is an online tool to scan source code for DOM based XSS vulnerabilities
An advanced cross-platform tool that automates the process of detecting and exploiting SQL injection security flaws
materials we hand out
The worldโs 1st book of very detailed iOS App reverse engineering skills :)
:snake: A toolkit for testing, tweaking and cracking JSON Web Tokens
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
Fast and customizable vulnerability scanner based on simple YAML based DSL.
The Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes the technical processes for verifying the controls listed in the OWASP Mobile Application Security Verification Standard (MASVS).
The OWASP MASVS (Mobile Application Security Verification Standard) is the industry standard for mobile app security.
Padding Oracle Attack fully explained and coded from scratch in Python3
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
My exploratory code to test padding oracle attacks
Python ADB + Fastboot implementation
redroid (Remote-Android) is a multi-arch, GPU enabled, Android in Cloud solution. Track issues / docs here
RESTler is the first stateful REST API fuzzing tool for automatically testing cloud services through their REST APIs and finding security and reliability bugs in these services.
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.