- https://www.hackingarticles.in/android-penetration-testing-apk-reverse-engineering/
- https://www.hackingarticles.in/android-penetration-testing-apk-reversing-part-2/
- https://www.hackingarticles.in/android-pentest-deep-link-exploitation/
- https://www.hackingarticles.in/android-penetration-testing-webview-attacks/
- https://www.hackingarticles.in/android-penetration-testing-frida/
- https://www.hackingarticles.in/android-pentest-lab-setup-adb-command-cheatsheet/
- https://www.hackingarticles.in/android-hooking-and-sslpinning-using-objection-framework/
- https://www.hackingarticles.in/android-penetration-testing-drozer/
prinsharma1999
/ Android_pen-testing.md
Created
October 20, 2022 09:30
Saved from https://gist.github.com/thevillagehacker/4d44572180d8baf220fad168a3bc1d08
prinsharma1999
/ tips.md
Created
October 20, 2022 09:29
Saved from https://gist.github.com/danylokos/a04b5bdd6b9e4d01fcee766a86f7e520
- checkra1n
- A7 - A10 devices (iPhone 5s - iPhone X), iOS 12.0+
- Dropbear SSH, port 44, root:alpine
- USB multiplexing daemon
usbmuxd(available viabrew) - Use
scpto copy file to/from device
Forward remote (iDevice) port 44 (Dropbear SSH) to local (Mac) 2222
prinsharma1999
/ static_dynamic_ios_inspection.md
Created
October 20, 2022 09:28
Saved from https://gist.github.com/rustymagnet3000/605c333519cd265c7eac9d556f46dc75
prinsharma1999
/ pentesting_ios_apps_on_electra.txt
Created
July 25, 2022 11:54
Saved from https://gist.github.com/milo2012/a69f803472d5ecf3f161ff02c9d19cb2
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #Burp SSL Certificate on IOS 11 | |
| On iOS 11 you can't just install your MITM root cert, you also need to explicitly trust it. | |
| You can do this by: | |
| Settings -> General -> About -> Certificate Trust Settings -> Flip the switch on your cert | |
| ---------------------------------------------------------------------------------------------------------------- | |
| #GDB on IOS 11 | |
| Source: https://shmoo419.github.io/ | |
| gdb | |
| ps -ax | grep -i appName | |
| attach [processNo] |
prinsharma1999
/ static_dynamic_ios_inspection.md
Created
July 25, 2022 11:52
Saved from https://gist.github.com/rustymagnet3000/605c333519cd265c7eac9d556f46dc75
prinsharma1999
/ BurpDock
Created
May 28, 2021 18:11
Saved from https://gist.github.com/ujjwal96/1181d442b2a92067b5f3f111d5b3b69e
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| How to setup Burp Suite inside a docker container. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| echo "Online Subdomain Detect Script" | |
| echo "Twitter => https://twitter.com/cihanmehmets" | |
| echo "Github => https://github.com/cihanmehmet" | |
| echo "CURL Subdomain Execute => curl -s -L https://raw.githubusercontent.com/cihanmehmet/sub.sh/master/sub.sh | bash -s bing.com" | |
| echo "██████████████████████████████████████████████████████████████████████████████████████████████████████████████" | |
| if [[ $# -eq 0 ]] ; | |
| then |
prinsharma1999
/ subdomain_wordlist.md
Created
May 16, 2021 19:15
— forked from cihanmehmet/subdomain_wordlist.md
Subdomain Wordlist
cmd@fb:/tmp|❯ wc -l 33m-subdomain-wordlist.txt
33927885 33m-subdomain-wordlist.txt
prinsharma1999
/ proxying-cli-tools.sh
Created
April 9, 2021 18:58
— forked from jivoi/proxying-cli-tools.sh
proxying-cli-tools
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ####################### | |
| ### Proxy curl/wget ### | |
| ####################### | |
| export http_proxy=localhost:8080 | |
| export https_proxy=localhost:8080 | |
| curl -k https://ifconfig.io | |
| wget --no-check-certificates https://ifconfig.io | |
| ####################### | |
| ### Proxy Java JARs ### |
prinsharma1999
/ BurpSuiteSSLPassTrough.json
Created
January 10, 2021 10:17
— forked from vsec7/BurpSuiteSSLPassTrough.json
Filter out the noise
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "proxy":{ | |
| "ssl_pass_through":{ | |
| "automatically_add_entries_on_client_ssl_negotiation_failure":false, | |
| "rules":[ | |
| { | |
| "enabled":true, | |
| "host":".*\\.google\\.com", | |
| "protocol":"any" | |
| }, |
NewerOlder