References

ANDROID

• https://app.hextree.io/
• https://timeout.userpage.fu-berlin.de/apk-building-on-mobile/en/index.php
• https://book.hacktricks.xyz/mobile-pentesting/android-app-pentesting
• https://github.com/Hrishikesh7665/Android-Pentesting-Checklist
• https://mas.owasp.org/MASTG/
• https://stinger.io/mobile/android/
• https://github.com/ivan-sincek/android-penetration-testing-cheat-sheet
• https://developer.android.com/privacy-and-security/security-tips
• https://github.com/DERE-ad2001/Frida-Labs
• https://suam.wtf/posts/react-native-application-static-analysis-en/
• https://www.youtube.com/@fatalsec/videos

WEB

• https://portswigger.net/web-security
• https://portswigger.net/research/server-side-template-injection
• https://www.netspi.com/blog/technical-blog/web-application-pentesting/ultimate-guide-to-prototype-pollution/
• Gareth Heyes. (2022). JavaScript for hackers: Learn to think like a hacker.

OTHER

• https://github.com/neilmadhava/EJPTv2-Notes
• https://juggernaut-sec.com/blog/