Tools - ap00rv/Appsec-wiki GitHub Wiki
Recon tools
massdns- a fast subdomain bruteforcing tool
findsubdomains.com -search for subdomains for any website
Search for TLS certificates in public logs
Tools and Burp/ZAP extension for web
-
Automatic Server-Side Template Injection Detection and Exploitation Tool
-
Automated Mongo database and NoSQL web application exploitation tool
-
Record your screen, network traffic & JavaScript logs and screenshot sessions too
Tools for android
- [Detect regex DOS vulns in Android apps ] (https://github.com/olivo/redos-detector)
Tools for iOS
- [iOS security assessment tools] (http://www.kitploit.com/2016/12/idb-ios-app-security-assessment-tool.html)