{"id":17955019,"url":"https://github.com/adityatelange/mobsleuth","last_synced_at":"2025-09-24T15:32:17.704Z","repository":{"id":224244828,"uuid":"762602146","full_name":"adityatelange/MobSleuth","owner":"adityatelange","description":"Scripts to set up your own Android 📱 app hacking lab ","archived":false,"fork":false,"pushed_at":"2024-07-12T16:40:24.000Z","size":96,"stargazers_count":74,"open_issues_count":1,"forks_count":10,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-01-08T12:06:04.156Z","etag":null,"topics":["android","appsec","burpsuite","docker","emulator","frida","hacking","jadx","lab","lubuntu","mobsf","objection","pidcat","redroid","scrcpy-android"],"latest_commit_sha":null,"homepage":"https://adityatelange.in/blog/mobsleuth-lab/","language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/adityatelange.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null},"funding":{"ko_fi":"adityatelange","github":"adityatelange"}},"created_at":"2024-02-24T06:53:40.000Z","updated_at":"2025-01-06T02:59:36.000Z","dependencies_parsed_at":"2024-05-01T11:33:52.755Z","dependency_job_id":"8c7701be-2b97-4889-b7e5-ae163c4988c8","html_url":"https://github.com/adityatelange/MobSleuth","commit_stats":null,"previous_names":["adityatelange/mobsleuth"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/adityatelange%2FMobSleuth","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/adityatelange%2FMobSleuth/tags","releases_url":"https://repos.
ecosyste.ms/api/v1/hosts/GitHub/repositories/adityatelange%2FMobSleuth/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/adityatelange%2FMobSleuth/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/adityatelange","download_url":"https://codeload.github.com/adityatelange/MobSleuth/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":234096899,"owners_count":18779363,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["android","appsec","burpsuite","docker","emulator","frida","hacking","jadx","lab","lubuntu","mobsf","objection","pidcat","redroid","scrcpy-android"],"created_at":"2024-10-29T10:23:23.512Z","updated_at":"2025-09-24T15:32:12.397Z","avatar_url":"https://github.com/adityatelange.png","language":"Shell","funding_links":["https://ko-fi.com/adityatelange","https://github.com/sponsors/adityatelange"],"categories":[],"sub_categories":[],"readme":"# MobSleuth 📲\n\n\u003e Scripts to set up your own mobile 📱 app hacking lab (currently focusing on Android)\n\nIncludes the following tools:\n\n| Tool Name                                                                          | Type        | Description                                                                                                       |\n| ---------------------------------------------------------------------------------- | ----------- | ----------------------------------------------------------------------------------------------------------------- |\n| 
[MobSF](https://github.com/MobSF/Mobile-Security-Framework-MobSF)                  | FOSS        | Mobile Security Framework is an open-source, automated mobile app security testing tool.                          |\n| [reDroid](https://github.com/remote-android/redroid-doc)                           | FOSS        | Remote anDroid solution for emulating an Android device in a container.                                           |\n| [Scrcpy](https://github.com/Genymobile/scrcpy)                                     | FOSS        | A free and open-source tool that allows you to mirror and control your Android device from your computer via ADB. |\n| [Frida](https://github.com/frida/frida)                                            | FOSS        | Dynamic instrumentation toolkit for developers, reverse-engineers, and security researchers.                      |\n| [Jadx](https://github.com/skylot/jadx)                                             | FOSS        | Dex to Java decompiler.                                                                                           |\n| [Objection](https://github.com/sensepost/objection)                                | FOSS        | Runtime Mobile Exploration.                                                                                       |\n| [Pidcat](https://github.com/JakeWharton/pidcat)                                    | FOSS        | Colored logcat script which only shows log entries for a specific application package.                            |\n| [APKiD](https://github.com/rednaga/APKiD)                                          | FOSS        | Android Application Identifier for Packers, Protectors, Obfuscators and Oddities - PEiD for Android.              |\n| [ApkTool](https://github.com/iBotPeaches/Apktool)                                  | FOSS        | A tool for reverse engineering Android apk files.                                                                 
|\n| [BurpSuite CE](https://portswigger.net/burp/documentation/desktop/getting-started) | proprietary | Powerful web application security testing platform with interception, scanning, fuzzing, and more.                |\n\nWhat you get:\n- A complete setup of tools to start hacking Android apps.\n- A dockerized environment to run Android apps in a container.\n- One-command `root` access to the Android container.\n- BurpSuite running on the host machine to intercept and modify traffic.\n- MobSF with *dynamic analysis* capabilities connected to the Android container.\n- ADB server running on port 5555 to connect to the Android container.\n- Scrcpy to mirror and control the Android container.\n- Scripts to generate a CA certificate and install it on the Android container.\n- Scripts to install and run Frida on the Android container.\n\n\u003ckbd\u003e![Screenshot](https://github.com/adityatelange/MobSleuth/assets/21258296/c5a2d717-ba51-4209-8140-7d204e14579c)\u003c/kbd\u003e\n\n\n## Setup a VM - Lubuntu-22.04\n\n- [Download Lubuntu](https://lubuntu.me/downloads/) or any Ubuntu based distro.\n- Use [Lubuntu Installation Guide](https://manual.lubuntu.me/stable/1/1.3/installation.html) to install a VM in Virtualbox.\n- Make sure you configure sufficient resources for the lab to run smoothly.\n  - Minimum 25GB of virtual disk space.\n  - Minimum 8GB RAM allocated.\n  - Minimum 4 Cores allocated.\n\n## Install\n\n\u003e [!NOTE]  \n\u003e The scripts below might require `sudo` access to install certain packages and dependencies.\n\u003e Review the scripts before running them.\n\n```sh\nwget -qO - https://raw.githubusercontent.com/adityatelange/MobSleuth/main/install.sh | bash\n```\n\nTools can be installed one by one.\n\n```sh\ncd $HOME/MobSleuth/src\nbash install/common_deps.sh\nbash install/docker.sh\n```\n\nLog out and log in again to apply group changes, as we have added the user to the `docker` group.\n\nContinue installing the rest of the components.\n\n```sh\ncd $HOME/MobSleuth/src\nbash 
install/redroid.sh\nbash install/mobsf.sh\nbash install/scrcpy.sh\nbash install/frida.sh\nbash install/jadx.sh\nbash install/burpsuite.sh\nbash install/objection.sh\nbash install/pidcat.sh\n```\n\n## After Installation\n\nAll the tools are installed in the `~/MobSleuth` directory.\n\n- `~/MobSleuth/src` - contains the installation scripts. You may update MobSleuth using `git pull` in this directory.\n- `~/MobSleuth/installers` - contains the downloaded installers.\n- `~/MobSleuth/data11_vol` - contains the data directory for the reDroid container for persistence.\n- `~/MobSleuth/mobsf_vol` - contains the data directory for the MobSF container for persistence.\n- `~/MobSleuth/tools` - contains the tools installed.\n- `~/MobSleuth/certs` - contains the generated CA certificate and private key.\n\n## Usage\n\n### Start the containers\n\n```sh\ncd $HOME/MobSleuth\nbash run/run_mobsleuth_services.sh\n```\n\nThis will start the following services:\n- reDroid - Android container accessible on port 5555\n- MobSF - Mobile Security Framework accessible on port 8000\n\n### Generate CA certificate\n\n```sh\ncd $HOME/MobSleuth\nbash scripts/generate_cert.sh\n```\n\n### Install CA certificate on the Android container\n\nMake sure the Android container is running.\n\n```sh\ncd $HOME/MobSleuth\nbash scripts/push_cert.sh\n```\n\n### Import CA certificate in BurpSuite\n\n- Open BurpSuite and go to `Proxy` \u003e `Proxy Settings`\n- Select an Interface and click on `Edit`.\n- Click on `Import / export CA Certificate`.\n- Select `Certificate and private key in DER format` and click `Next`.\n- In CA Certificate, select `~/MobSleuth/cert/certificate.der` and in Private key, select `~/MobSleuth/cert/certificate_private_key.der`.\n- Click `Next` and `OK`.\n\n### Set/Unset BurpSuite Proxy in the Android container\n\n```sh\ncd $HOME/MobSleuth\nbash run/set_proxy.sh\n```\n\nUnset using:\n    \n```sh\ncd $HOME/MobSleuth\nbash run/unset_proxy.sh\n```\n\n### Access MobSF\n\nOpen your browser 
and go to `http://localhost:8000`.\n\n### Access reDroid\n\nConnect to the Android container using `scrcpy` or `adb`.\n\nMirror Screen using `scrcpy`:\n\n```sh\nscrcpy\n```\n\nConnect using `adb`:\n\n```sh\nadb connect localhost:5555\n```\n\nADB shell:\n\n```sh\nadb shell\n```\n\n### Rooting the Android container\n\nMake sure the Android container is running. Then run the following command.\n\n```sh\nadb root\n```\n\n### Using Frida\n\nPush frida-server and run it on the Android container.\n\n```sh\ncd $HOME/MobSleuth\nbash scripts/push_fridaserver.sh\nbash scripts/run_fridaserver.sh\n```\n\nNow we can use `frida` to interact with the Android container.\n\n```sh\nfrida-ps -U\n```\n\n### Access `jadx`/`objection`/`pidcat`\n\nThese tools can be accessed directly from the terminal.\n\n```sh\njadx\n```\n\n```sh\nobjection\n```\n\n```sh\npidcat\n```\n\n## Uninstall\n\nThis will remove all the tools and the containers. Be careful before running this command.\n\n```sh\nsudo rm -rf $HOME/MobSleuth\n```\n\n## Setup Diagram\n\n```mermaid\nflowchart\n    subgraph MobSleuth\n        subgraph Docker Services\n            subgraph reDroid\n                redroid5555[\"ADB server listener :5555\"]\n                redroid27042[\"frida-server\"]\n                redroidvol[\"/data\"]\n                redroidsserv[\"scrcpy-server\"]\n                redroid5555 \u003c---\u003e redroidsserv\n                redroid5555 \u003c---\u003e redroid27042\n            end\n\n            subgraph MobSF\n                mobsf8000[\"WebApp listener :8000\"]\n                mobsfvol[\"/home/mobsf/.MobSF\"]\n                DA[\"Dynamic Analyzer\"] --\u003e |\"via MOBSF_ANALYZER_IDENTIFIER\"| redroid5555\n            end\n        end\n\n        subgraph \"Host\"\n            subgraph \"local directories\"\n                mobsfdir[\"~/mobsf\"] \u003c--\u003e mobsfvol\n                redroiddir[\"~/data11\"] \u003c--\u003e redroidvol\n            end\n\n            subgraph listener ports\n      
          lp5555[\":5555\"] \u003c==\u003e |\"5555:5555\"| redroid5555\n                lp8000[\":8000\"] \u003c==\u003e |\"8000:8000\"| mobsf8000\n            end\n        end\n\n        subgraph Tools\n            subgraph ADB\n                adbd[\"daemon :5037\"] \u003c---\u003e |\"shell\"| lp5555\n            end\n\n            subgraph scrcpy\n                scr[\"via ADB\"] \u003c---\u003e lp5555\n            end\n\n            subgraph BurpSuite\n                burp[\"Proxy listener :8080\"] \u003c-.-\u003e |\"proxied traffic\"| reDroid\n            end\n\n            subgraph Frida\n                frida[\"frida-tools\"] \u003c---\u003e lp5555\n            end\n\n            subgraph pidcat\n                pid[\"via ADB\"] \u003c---\u003e lp5555\n            end\n\n            subgraph objection\n                obj[\"via ADB\"] \u003c---\u003e lp5555\n            end\n\n            subgraph jadx\n            end\n        end\n    end\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fadityatelange%2Fmobsleuth","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fadityatelange%2Fmobsleuth","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fadityatelange%2Fmobsleuth/lists"}