KitPloitKITPLOIT:249292095984323465Awesome Android Security - A Curated List Of Android Security Materials And Resources For Pentesters And Bug Hunters
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
9.1 High
AI Score
Confidence
High
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.002 Low
EPSS
Percentile
50.6%
A curated list of Android Security materials and resources For Pentesters and Bug Hunters.
Blog
- AAPG - Android application penetration testing guide
- TikTok: three persistent arbitrary code executions and one theft of arbitrary files
- Persistent arbitrary code execution in Androidβs Google Play Core Library: details, explanation and the PoC - CVE-2020-8913
- Android: Access to app protected components
- Android: arbitrary code execution via third-party package contexts
- Android Pentesting Labs - Step by Step guide for beginners
- An Android Hacking Primer
- An Android Security tips
- OWASP Mobile Security Testing Guide
- Security Testing for Android Cross Platform Application
- Dive deep into Android Application Security
- Pentesting Android Apps Using Frida
- Mobile Security Testing Guide
- Android Applications Reversing 101
- Android Security Guidelines
- Android WebView Vulnerabilities
- OWASP Mobile Top 10
- Practical Android Phone Forensics
- Mobile Pentesting With Frida
- Zero to Hero - Mobile Application Testing - Android Platform
How Toβs
- How To Configuring Burp Suite With Android Nougat
- How To Bypassing Xamarin Certificate Pinning
- How To Bypassing Android Anti-Emulation
- How To Secure an Android Device
- Android Root Detection Bypass Using Objection and Frida Scripts
- Root Detection Bypass By Manual Code Manipulation.
- Magisk Systemless Root - Detection and Remediation
- How to use FRIDA to bruteforce Secure Startup with FDE-encryption on a Samsung G935F running Android 8
Paper
- AndrODet: An adaptive Android obfuscation detector
- GEOST BOTNET - the discovery story of a new Android banking trojan
Books
- SEI CERT Android Secure Coding Standard
- Android Security Internals
- Android Cookbook
- Android Hackerβs Handbook
- Android Security Cookbook
- The Mobile Application Hackerβs Handbook
- Android Malware and Analysis
- Android Security: Attacks and Defenses
- Learning Penetration Testing For Android Devices
Course
- Learning-Android-Security
- Mobile Application Security and Penetration Testing
- Advanced Android Development
- Learn the art of mobile app development
- Learning Android Malware Analysis
- Android App Reverse Engineering 101
- MASPT V2
- Android Pentration Testing(Persian)
Tools
Static Analysis
-
quark-engine - An Obfuscation-Neglect Android Malware Scoring System
-
Droid Hunter β Android application vulnerability analysis and Android pentest tool
-
Find Security Bugs β A SpotBugs plugin for security audits of Java web applications.
-
Smali/Baksmali β Assembler/Disassembler for the dex format
-
SPARTA β Static Program Analysis for Reliable Trusted Apps
-
Infer β A Static Analysis tool for Java, C, C++ and Objective-C
-
Android Check β Static Code analysis plugin for Android Project
-
FindBugs-IDEA Static byte code analysis to look for bugs in Java code
-
APK Leaks β Scanning APK file for URIs, endpoints & secrets
-
Trueseeing β fast, accurate and resillient vulnerabilities scanner for Android apps
-
StaCoAn β crossplatform tool which aids developers, bugbounty hunters and ethical hackers
Dynamic Analysis
- Mobile-Security-Framework MobSF
- Magisk v20.2 - Root & Universal Systemless Interface
- Runtime Mobile Security (RMS) - is a powerful web interface that helps you to manipulate Android and iOS Apps at Runtime
- Droid-FF - Android File Fuzzing Framework
- Drozer
- Inspeckage
- PATDroid - Collection of tools and data structures for analyzing Android applications
- Radare2 - Unix-like reverse engineering framework and commandline tools
- Cutter - Free and Open Source RE Platform powered by radare2
- ByteCodeViewer - Android APK Reverse Engineering Suite (Decompiler, Editor, Debugger)
Online APK Analyzers
- Oversecured
- Android Observatory APK Scan
- AndroTotal
- VirusTotal
- Scan Your APK
- AVC Undroid
- OPSWAT
- ImmuniWeb Mobile App Scanner
- Ostor Lab
- Quixxi
- TraceDroid
- Visual Threat
- App Critique
- Jottiβs malware scan
- kaspersky scanner
Online APK Decompiler
- Android APK Decompiler
- Java Decompiler APk
- APK DECOMPILER APP
- DeAPK is an open-source, online APK decompiler
- apk and dex decompilation back to Java source code
- APK Decompiler Tools
Labs
- OVAA (Oversecured Vulnerable Android App)
- DIVA (Damn insecure and vulnerable App)
- OWASP Security Shepherd
- Damn Vulnerable Hybrid Mobile App (DVHMA)
- OWASP-mstg(UnCrackable Mobile Apps)
- VulnerableAndroidAppOracle
- Android InsecureBankv2
- Purposefully Insecure and Vulnerable Android Application (PIIVA)
- Sieve app(An android application which exploits through android components)
- DodoVulnerableBank(Insecure Vulnerable Android Application that helps to learn hacing and securing apps)
- Digitalbank(Android Digital Bank Vulnerable Mobile App)
- AppKnox Vulnerable Application
- Vulnerable Android Application
- Android Security Labs
- Android-security Sandbox
- VulnDroid(CTF Style Vulnerable Android App)
- FridaLab
- Santoku Linux - Mobile Security VM
- AndroL4b - A Virtual Machine For Assessing Android applications, Reverse Engineering and Malware Analysis
Talks
- One Step Ahead of Cheaters β Instrumenting Android Emulators
- Vulnerable Out of the Box: An Evaluation of Android Carrier Devices
- Rock appround the clock: Tracking malware developers by Android
- Chaosdata - Ghost in the Droid: Possessing Android Applications with ParaSpectre
- Remotely Compromising Android and iOS via a Bug in Broadcomβs Wi-Fi Chipsets
- Honey, I Shrunk the Attack Surface β Adventures in Android Security Hardening
- Hide Android Applications in Images
- Scary Code in the Heart of Android
- Fuzzing Android: A Recipe For Uncovering Vulnerabilities Inside System Components In Android
- Unpacking the Packed Unpacker: Reverse Engineering an Android Anti-Analysis Native Library
- Android FakeID Vulnerability Walkthrough
- Unleashing D* on Android Kernel Drivers
- The Smarts Behind Hacking Dumb Devices
- Overview of common Android app vulnerabilities
- Android security architecture
- Get the Ultimate Privilege of Android Phone
Misc
- Android Malware Adventures
- Android-Reports-and-Resources
- Hands On Mobile API Security
- Android Penetration Testing Courses
- Lesser-known Tools for Android Application PenTesting
- android-device-check - a set of scripts to check Android device security configuration
- apk-mitm - a CLI application that prepares Android APK files for HTTPS inspection
- Andriller - is software utility with a collection of forensic tools for smartphones
- Dexofuzzy: Android malware similarity clustering method using opcode sequence-Paper
- Chasing the Joker
- Side Channel Attacks in 4G and 5G Cellular Networks-Slides
- Shodan.io-mobile-app for Android
- Popular Android Malware 2018
- Popular Android Malware 2019
- Popular Android Malware 2020
Bug Bounty & Writeup
Cheat Sheet
References
github.com/ac-pm/Inspeckage
github.com/antojoseph/droid-ff
github.com/appknox/vulnerable-application
github.com/B3nac/Android-Reports-and-Resources/blob/master/README.md
github.com/checkstyle/checkstyle
github.com/CSPF-Founder/DodoVulnerableBank
github.com/CyberScions/Digitalbank
github.com/dan7800/VulnerableAndroidAppOracle
github.com/den4uk/andriller
github.com/dineshshetty/Android-InsecureBankv2
github.com/dwisiswant0/apkleaks
github.com/EugenioDelfa/Smali-CFGs
github.com/facebook/infer
github.com/find-sec-bugs/find-sec-bugs/
github.com/FSecureLABS/drozer
github.com/google/error-prone
github.com/hahwul/droid-hunter
github.com/htbridge/pivaa
github.com/JesusFreke/smali
github.com/Lance0312/VulnApp
github.com/linkedin/qark
github.com/logicalhacking/DVHMA
github.com/m0bilesecurity/RMS-Runtime-Mobile-Security
github.com/maaaaz/androwarn/
github.com/Magpol/fridafde
github.com/mingyuan-xia/PATDroid
github.com/MobSF/Mobile-Security-Framework-MobSF
github.com/monolithworks/trueseeing
github.com/mwrlabs/drozer/releases/download/2.3.4/sieve.apk
github.com/nelenkov/android-device-check
github.com/noveogroup/android-check
github.com/novoda/gradle-static-analysis-plugin
github.com/oversecured/ovaa
github.com/OWASP/owasp-mstg/tree/master/Crackmes
github.com/OWASP/SecurityShepherd
github.com/PaulSec/Shodan.io-mobile-app
github.com/payatu/diva-android
github.com/pmd/pmd
github.com/pwittchen/android-quality-starter
github.com/quark-engine/quark-engine
github.com/radareorg/radare2
github.com/rafaeltoledo/android-security
github.com/Sable/soot
github.com/saeidshirazi/awesome-android-security
github.com/secure-software-engineering/FlowDroid
github.com/SecurityCompass/AndroidLabs
github.com/sh4hin/Androl4b
github.com/sh4hin/MobileApp-Pentest-Cheatsheet
github.com/shahenshah99/VulnDroid
github.com/shroudedcode/apk-mitm
github.com/sk3ptre/AndroidMalware_2018
github.com/sk3ptre/AndroidMalware_2019
github.com/sk3ptre/AndroidMalware_2020
github.com/skylot/jadx/releases
github.com/topjohnwu/Magisk5
github.com/vincentcox/StaCoAn
ibotpeaches.github.io/Apktool/
maddiestone.github.io/AndroidAppRE/
nightowl131.github.io/AAPG/
Related
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
9.1 High
AI Score
Confidence
High
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.002 Low
EPSS
Percentile
50.6%