|
Old Backup Files
|
Web Application |
100 |
|
|
SQL Injection
|
Content Providers |
100 |
|
|
Internal Storage
|
Insecure Data Storage |
100 |
|
|
Shared Preferences
|
Insecure Data Storage |
100 |
|
|
SQLite Databases (Unencrypted)
|
Insecure Data Storage |
100 |
|
|
Insecure Direct Object Reference
|
Web Application |
100 |
|
|
JSON to XXE (Blind)
|
Web Application |
100 |
|
|
RFI
|
Web Application |
100 |
|
|
SSRF
|
Web Application |
100 |
|
|
REST API HTTP Methods
|
Web Application |
100 |
|
|
JWT Misconfiguration
|
Web Application |
100 |
|
|
Server Fingerprint
|
Web Application |
100 |
|
|
JavaScript - Info leak
|
Web Application |
100 |
|
|
Bruteforce
|
Web Application |
100 |
|
|
HTML5 Controls
|
Web Application |
100 |
|
|
IMEI/ESN
|
Device ID |
100 |
|
|
Device Wi-Fi MAC
|
Device ID |
100 |
|
|
SSAID/ANDROID_ID
|
Device ID |
100 |
|
|
Virtual Phone Number
|
Emulator detection |
100 |
|
|
Su Exists
|
Root Detection |
100 |
|
|
Su Binary
|
Root Detection |
100 |
|
|
BusyBox Binary
|
Root Detection |
100 |
|
|
Root Cloaking Apps
|
Root Detection |
100 |
|
|
Potentially Dangerous Apps
|
Root Detection |
100 |
|
|
Root Management Apps
|
Root Detection |
100 |
|
|
Error Logs
|
Logs |
100 |
|
|
Warnings Logs
|
Logs |
100 |
|
|
Debug Logs
|
Logs |
100 |
|
|
Verbose Logs
|
Logs |
100 |
|
|
WTF Logs
|
Logs |
100 |
|
|
Informational Logs
|
Logs |
100 |
|
|
HTTPS Traffic
|
HTTP Traffic |
100 |
|
|
HTTP Traffic
|
HTTP Traffic |
100 |
|
|
Sanity Check Flag
|
Sanity Check |
0 |
|