android-security-awesome
A collection of android security related resources
https://github.com/ashishb/android-security-awesome
Last synced: 9 days ago
JSON representation
-
Tools
-
Online Analyzers
- Android Sandbox
- Android Sandbox
- Android Sandbox
- Android Sandbox
- Android Sandbox
- Android Sandbox
- Android Sandbox
- Android Sandbox
- Android Sandbox
- MobiSec Eacus
- Android Sandbox
- MobiSec Eacus
- Android Sandbox
- MobiSec Eacus
- Android Sandbox
- MobiSec Eacus
- Android Sandbox
- MobiSec Eacus
- Android Sandbox
- MobiSec Eacus
- Android Sandbox
- MobiSec Eacus
- Android Sandbox
- Android Sandbox
- Android Sandbox
- AMAaaS - Free Android Malware Analysis Service. A bare-metal service features static and dynamic analysis for Android applications. A product of [MalwarePot](https://malwarepot.com/index.php/AMAaaS)~~.
- Android Sandbox
- Android Sandbox
- Comdroid
- Android Sandbox
- Android Sandbox
- Android Sandbox
- Android Sandbox
- Android Sandbox
- Android Sandbox
- Android Sandbox
- Mobile-Sandbox
- Android Sandbox
- Virustotal
- NowSecure Lab Automated - Enterprise tool for mobile app security testing both Android and iOS mobile apps. Lab Automated features dynamic and static analysis on real devices in the cloud to return results in minutes. Not free
- ANY.RUN - An interactive cloud-based malware analysis platform with support for Android application analysis. Limited free plan available.
- AMAaaS - Free Android Malware Analysis Service. A bare-metal service features static and dynamic analysis for Android applications. A product of [MalwarePot](https://malwarepot.com/index.php/AMAaaS)~~.
- Visual Threat - no longer an Android app analyzer~~
- SandDroid
- Stowaway
- Mobile-Sandbox
- Android Sandbox
- Dexter
- Koodous - Performs static/dynamic malware analysis over a vast repository of Android samples and checks them against public and private Yara rules.
-
Reverse Engineering
- vim syntax coloring for smali files
- Dedexer
- Indroid
- CFR - Java decompiler
- Smali viewer
- ZjDroid
- Dare
- Jad - Java decompiler
- Smali/Baksmali
- emacs syntax coloring for smali files
- vim syntax coloring for smali files
- AndBug
- Androguard
- Apktool
- Android Framework for Exploitation
- Bypass signature and permission checks for IPCs
- Android OpenDebug
- Dex2Jar - dex to jar converter
- Enjarify - dex to jar converter from Google
- Fino
- Introspy
- JD-GUI - Java decompiler
- Krakatau - Java decompiler
- Redexer
- Simplify Android deobfuscator
- Bytecode viewer
- Jadx
- Dwarf - GUI for reverse engineering
- Andromeda - Another basic command-line reverse engineering tool
- apk-mitm - A CLI application that prepares Android APK files for HTTPS inspection
- Noia - Simple Android application sandbox file browser tool
- Obfuscapk
- ARMANDroid - ARMAND (Anti-Repackaging through Multi-pattern, Anti-tampering based on Native Detection) is a novel anti-tampering protection scheme that embeds logic bombs and AT detection nodes directly in the apk file without needing their source code.
- MVT (Mobile Verification Toolkit) - a collection of utilities to simplify and automate the process of gathering forensic traces helpful to identify a potential compromise of Android and iOS devices
- Dexmod - a tool to exemplify patching Dalvik bytecode in a DEX (Dalvik Executable) file and assist in the static analysis of Android applications.
- odex-patcher - Run arbitrary code by patching OAT files
- PhoneSpolit-Pro - An all-in-one hacking tool to remotely exploit Android devices using ADB and Metasploit Framework to get a Meterpreter session.
- APKLab - plugin for VS code to analyze APKs
- IntentSniffer
- Radare2
- Apktool
-
Static Analysis Tools
- Droid Intent Data Flow Analysis for Information Leakage
- DroidLegacy
- Smali CFG generator
- FlowDroid
- Android Decompiler
- PSCout - A tool that extracts the permission specification from the Android OS source code using static analysis
- SPARTA - verifies (proves) that an app satisfies an information-flow security policy; built on the [Checker Framework](https://types.cs.washington.edu/checker-framework/)~~
- Several tools from PSU
- ApkAnalyser
- Amandroid
- SmaliSCA - Smali Static Code Analysis
- Madrolyzer - extracts actionable data like C&C, phone number etc.
- ConDroid - Performs a combination of symbolic + concrete execution of the app
- DroidRA
- RiskInDroid - A tool for calculating the risk of Android apps based on their permissions, with an online demo available.
- SUPER - Secure, Unified, Powerful, and Extensible Rust Android Analyzer
- ClassyShark - A Standalone binary inspection tool that can browse any Android executable and show important info.
- StaCoAn - Cross-platform tool that aids developers, bug-bounty hunters, and ethical hackers in performing static code analysis on mobile applications. This tool was created with a big focus on usability and graphical guidance in the user interface.
- JAADAS - Joint intraprocedural and interprocedural program analysis tool to find vulnerabilities in Android apps, built on Soot and Scala
- Quark-Engine - An Obfuscation-Neglect Android Malware Scoring System
- One Step Decompiler - Android APK Decompilation for the Lazy
- APKLeaks - Scanning APK file for URIs, endpoints & secrets.
- Mobile Audit - Web application for performing Static Analysis and detecting malware in Android APKs.
- Androwarn - detect and warn the user about potential malicious behaviors developed by an Android application.
- Detekt - Static code analysis for Kotlin
- CFGScanDroid - Scans and compares the CFG against the CFG of malicious applications
- APKdevastate - Advanced analysis software for APK payloads created by RATs.
- One Step Decompiler - Android APK Decompilation for the Lazy
- APKInspector
- Droid Intent Data Flow Analysis for Information Leakage
-
Vulnerable Applications for practice
-
Programming Languages
Categories
Sub Categories
Online Analyzers
115
Dynamic Analysis Tools
50
Reverse Engineering
41
Static Analysis Tools
30
Misc Tools
21
Malware
14
Market Crawlers
10
Vulnerable Applications for practice
9
Others
9
List
8
Fuzz Testing
7
App Vulnerability Scanners
6
How to report Security issues
3
Research Papers
3
Books
1
App Repackaging Detectors
1
Bounty Programs
1
Keywords
android
38
reverse-engineering
16
apk
14
android-security
11
security
10
mobile-security
10
static-analysis
9
java
7
pentesting
6
dynamic-analysis
6
frida
6
malware-analysis
5
ios
5
dalvik
5
python
5
apktool
4
android-application
4
dex
4
smali
4
kotlin
4
linux
4
security-tools
3
ios-security
3
ios-app
3
network-analysis
3
mobile
3
penetration-testing
3
hacking
3
android-hacking
3
bugbounty
3
ssl
2
vulnerable-application
2
adb
2
macos
2
kotlin-android
2
malware-research
2
security-audit
2
research
2
vulnerabilities
2
windows
2
google
2
exploit
2
vulnerability
2
odex
2
malware
2
pentest-tool
2
binary-analysis
2
mstg
2
application-security
2
malware-analyzer
2