fucking-android-security-awesome
A collection of android security related resources. With repository stars⭐ and forks🍴
https://github.com/Correia-jpv/fucking-android-security-awesome
Last synced: 9 days ago
JSON representation
-
Source
-
How to report Security issues
-
-
Tools
-
Dynamic Analysis Tools
- Androl4b - A Virtual Machine For Assessing Android applications, Reverse Engineering and Malware Analysis
- Android DBI frameowork
- Android Malware Analysis Toolkit - (Linux distro) Earlier, it used to be an [online analyzer](http://dunkelheit.com.br/amat/analysis/index_en.php)~~
- Mobile-Security-Framework MobSF - Mobile Security Framework is an intelligent, all-in-one open-source mobile application (Android/iOS) automated pen-testing framework capable of performing static, dynamic analysis, and web API testing.
- Inspeckage - Android Package Inspector - dynamic analysis with API hooks, start unexported activities, and more. (Xposed Module)
- Android Hooker - Dynamic Java code instrumentation (requires the Substrate Framework)
- ProbeDroid - Dynamic Java code instrumentation
- CuckooDroid - Android extension for Cuckoo sandbox
- Mem - Memory analysis of Android (root required)
- Aurasium - place reference monitoring.
- StaDynA - a system supporting security app analysis in the presence of dynamic code update features (dynamic class loading and reflection). This tool combines static and dynamic analysis of Android applications in order to reveal the hidden/updated behavior and extend static analysis results with this information.
- Vezir Project - Virtual Machine for Mobile Application Pentesting and Mobile Malware Analysis
- MARA - Mobile Application Reverse Engineering and Analysis Framework
- AndroPyTool - a tool for extracting static and dynamic features from Android APKs. It combines different well-known Android app analysis tools such as DroidBox, FlowDroid, Strace, AndroGuard, and VirusTotal analysis.
- Runtime Mobile Security (RMS) - is a powerful web interface that helps you to manipulate Android and iOS Apps at Runtime
- Andriller - software utility with a collection of forensic tools for smartphones. It performs read-only, forensically sound, non-destructive acquisition from Android devices.
- friTap - Intercept SSL/TLS connections with Frida; Allows TLS key extraction and decryption of TLS payload as PCAP on Android in real-time.
- House - House: A runtime mobile application analysis toolkit with a Web GUI, powered by Frida, written in Python.
- Droidbox
- Brida - Burp Suite extension that, working as a bridge between Burp and Frida, lets you use and manipulate the applications' own methods while tampering with the traffic exchanged between the applications and their back-end services/servers.
- Android_application_analyzer - The tool is used to analyze the content of the Android application in local storage.
- adbsploit - tools for exploiting device via ADB
- Android Linux Kernel modules
- Drozer
- Taintdroid - requires AOSP compilation
- Android DBI frameowork
- DroidAnalytics - incomplete
- Android Malware Sandbox
- PAPIMonitor - select APIs during the app execution.
- HacknDroid - A tool designed to automate various Mobile Application Penetration Testing (MAPT) tasks and facilitate interaction with Android devices.
- MPT - MPT (Mobile Pentest Toolkit) is a must-have solution for your Android penetration testing workflows. This tool allows you to automate security tasks.
- AuditdAndroid
- DECAF - Dynamic Executable Code Analysis Framework based on QEMU (DroidScope is now an extension to DECAF)
-
Online Analyzers
- Tracedroid
- AndroTotal
- AVC UnDroid
- Mobile Malware Sandbox
- CopperDroid
- SandDroid
- Stowaway
- Anubis
- Mobile app insight
- Ijiami
- MobiSec Eacus
- Android Sandbox
- Android Sandbox
- Android Sandbox
- Comdroid
- Android Sandbox
- Android Sandbox
- Android Sandbox
- Android Sandbox
- Android Sandbox
- Android Sandbox
- Fraunhofer App-ray - not free
- SandDroid
- Stowaway
- Mobile-Sandbox
- Android Sandbox
-
Static Analysis Tools
- Smali CFG generator
- Several tools from PSU
- Detekt - Static code analysis for Kotlin
- ClassyShark - A Standalone binary inspection tool that can browse any Android executable and show important info.
- SmaliSCA - Smali Static Code Analysis
- Madrolyzer - extracts actionable data like C&C, phone number etc.
- RiskInDroid - A tool for calculating the risk of Android apps based on their permissions, with an online demo available.
- SUPER - Secure, Unified, Powerful, and Extensible Rust Android Analyzer
- StaCoAn - Cross-platform tool that aids developers, bug-bounty hunters, and ethical hackers in performing static code analysis on mobile applications. This tool was created with a big focus on usability and graphical guidance in the user interface.
- JAADAS - Joint intraprocedural and interprocedural program analysis tool to find vulnerabilities in Android apps, built on Soot and Scala
- APKLeaks - Scanning APK file for URIs, endpoints & secrets.
- Quark-Engine - An Obfuscation-Neglect Android Malware Scoring System
- ApkAnalyser
- ConDroid - Performs a combination of symbolic + concrete execution of the app
- DroidRA
- Mobile Audit - Web application for performing Static Analysis and detecting malware in Android APKs.
- Androwarn - detect and warn the user about potential malicious behaviors developed by an Android application.
- APKdevastate - Advanced analysis software for APK payloads created by RATs.
- CFGScanDroid - Scans and compares the CFG against the CFG of malicious applications
- APKdevastate - Advanced analysis software for APK payloads created by RATs.
- One Step Decompiler - Android APK Decompilation for the Lazy
- APKInspector
-
Reverse Engineering
- Jad - Java decompiler
- vim syntax coloring for smali files
- CFR - Java decompiler
- Smali viewer
- ZjDroid
- Dare
- MVT (Mobile Verification Toolkit) - a collection of utilities to simplify and automate the process of gathering forensic traces helpful to identify a potential compromise of Android and iOS devices
- Jadx
- Smali/Baksmali
- emacs syntax coloring for smali files
- Androguard
- Android Framework for Exploitation
- Bypass signature and permission checks for IPCs
- Android OpenDebug
- Dex2Jar - dex to jar converter
- Enjarify - dex to jar converter from Google
- JD-GUI - Java decompiler
- APKLab - plugin for VS code to analyze APKs
- Bytecode viewer
- Simplify Android deobfuscator
- Krakatau - Java decompiler
- PhoneSpolit-Pro - An all-in-one hacking tool to remotely exploit Android devices using ADB and Metasploit Framework to get a Meterpreter session.
- Noia - Simple Android application sandbox file browser tool
- Dwarf - GUI for reverse engineering
- Introspy
- Andromeda - Another basic command-line reverse engineering tool
- Redexer
- Obfuscapk
- odex-patcher - Run arbitrary code by patching OAT files
- apk-mitm - A CLI application that prepares Android APK files for HTTPS inspection
- vim syntax coloring for smali files
- AndBug
- Fino
- ARMANDroid - ARMAND (Anti-Repackaging through Multi-pattern, Anti-tampering based on Native Detection) is a novel anti-tampering protection scheme that embeds logic bombs and AT detection nodes directly in the apk file without needing their source code.
- Dexmod - a tool to exemplify patching Dalvik bytecode in a DEX (Dalvik Executable) file and assist in the static analysis of Android applications.
- Radare2
-
Vulnerable Applications for practice
-
Misc Tools
- smalihook
- Opcodes table for quick reference
- APK-Downloader - seems dead now
- Dalvik opcodes
- adb autocomplete
- mitmproxy
- dockerfile/androguard
- Android Vulnerability Test Suite - android-vts scans a device for set of vulnerabilities
- AppMon - AppMon is an automated framework for monitoring and tampering with system API calls of native macOS, iOS, and Android apps. It is based on Frida.
- Internal Blue - Bluetooth experimentation framework based on the Reverse Engineering of Broadcom Bluetooth Controllers
- Firmware Extractor - Extract given archive to images
- Android Mobile Device Hardening - AMDH scans and hardens the device's settings and lists harmful installed Apps based on permissions.
- Dalvik opcodes
- sundaysec/Android-Exploits - A collection of android Exploits and Hacks
- smalihook
- ARMv7 payload that provides arbitrary code execution on MediaTek bootloaders
- DroidGround - A flexible playground for Android CTF challenges
- AXMLPrinter2 - to convert binary XML files to human-readable XML files
- NullKia - Comprehensive mobile security framework supporting 18 manufacturers with baseband exploitation, cellular security, TEE/TrustZone research, and BootROM extraction tools.
-
App Vulnerability Scanners
- AndroBugs
- Nogotofail
- QARK - QARK by LinkedIn is for app developers to scan apps for security issues
-
Fuzz Testing
-
App Repackaging Detectors
- FSquaDRA - a tool for detecting repackaged Android applications based on app resources hash comparison.
-
Market Crawlers
- Google Play crawler (Java)
- Google Play crawler (Node) - get app details and download apps from the official Google Play Store.
- Aptoide downloader (Node) - download apps from Aptoide third-party Android market
- Appland downloader (Node) - download apps from Appland third-party Android market
- Google Play crawler (Python)
- PlaystoreDownloader - PlaystoreDownloader is a tool for downloading Android applications directly from the Google Play Store. After an initial (one-time) configuration, applications can be downloaded by specifying their package name.
-
-
Exploits/Vulnerabilities/Bugs
-
Malware
- Android Malware Genome Project - contains 1260 malware samples categorized into 49 different malware families, free for research purposes.
- Android PRAGuard Dataset - The dataset contains 10479 samples, obtained by obfuscating the MalGenome and the Contagio Minidump datasets with seven different obfuscation techniques.~~
- Admire
- Android Malware Github repo
- Android Malware Genome Project - contains 1260 malware samples categorized into 49 different malware families, free for research purposes.
- Admire
- Android Malware Genome Project - contains 1260 malware samples categorized into 49 different malware families, free for research purposes.
-
How to report Security issues
- Android Reports and Resources - List of Android Hackerone disclosed reports and other resources
-
-
Academic/Research/Publications/Books
Programming Languages
Categories
Sub Categories
Reverse Engineering
36
Dynamic Analysis Tools
33
Online Analyzers
26
Static Analysis Tools
22
Misc Tools
19
Vulnerable Applications for practice
8
Malware
7
Market Crawlers
6
Fuzz Testing
6
Others
5
App Vulnerability Scanners
3
How to report Security issues
2
App Repackaging Detectors
1
Research Papers
1
Keywords
android
36
reverse-engineering
15
apk
12
security
11
mobile-security
10
android-security
10
static-analysis
9
frida
6
dynamic-analysis
6
java
6
dalvik
5
malware-analysis
5
python
5
ios
5
pentesting
4
android-application
4
linux
4
smali
4
dex
4
security-tools
3
ios-security
3
kotlin
3
bugbounty
3
penetration-testing
3
ios-app
3
network-analysis
3
apktool
3
android-hacking
3
hacking
3
vulnerable-application
2
mobile
2
analysis
2
decompiler
2
pentest-tool
2
apk-parser
2
exploit
2
adb
2
macos
2
binary-analysis
2
security-audit
2
malware
2
windows
2
vulnerability
2
mastg
2
mstg
2
malware-research
2
research
2
bytecode
2
odex
2
runtime-analysis
2