Practical, minimal checklists focused on repeatable findings. Choose a collection below.
Web / APIs
Web
Main web checklist: critical paths, sessions, CSRF, uploads, validation and more.
- Critical checklist
- Session & password attacks
- CSRF / JSON-CSRF
- File upload attacks
- Data validation
Mobile
Android / iOS
Static & dynamic reviews, ADB recipes, deep links, storage, logs and useful keywords.
- Static / Dynamic checklist
- Network security config
- Deep link testing
- Local storage & logs
- ADB commands
