android-security-awesome

A collection of android security related resources.

A lot of work is happening in academia and industry on tools to perform dynamic analysis, static analysis and reverse engineering of android apps.

ONLINE ANALYZERS

1. AndroTotal
2. Anubis
3. App 360 scan
4. CopperDroid
5. Comdroid
6. Dexter
7. Foresafe
8. Mobile app insight
9. Mobile-Sandbox
10. Sandroid
11. Tracedroid
12. Visual Threat
13. Android Sandbox
14. Mobile Malware Sandbox
15. Stowaway – seems to be dead now

STATIC ANALYSIS TOOLS

2. Androwarn
3. ApkAnalyser
4. APKInspector
5. Droid Intent Data Flow Analysis for Information Leakage
6. Several tools from PSU
7. Smali CFG generator
8. FlowDroid
9. Android Decompiler – not free
10. PSCout - A tool that extracts the permission specification from the Android OS source code using static analysis

DYNAMIC ANALYSIS TOOLS

1. Android DBI frameowork
2. Android Malware Analysis Toolkit - (linux distro) Earlier it use to be an online analyzer
3. AppUse – custom build for pentesting
4. Cobradroid – custom image for malware analysis
5. ViaLab Community Edition
6. Droidbox
7. Mercury
8. Drozer
9. Taintdroid - requires AOSP compilation
10. Xposed - equivalent of doing Stub based code injection but without any modifications to the binary
11. Android Hooker - API Hooking of java methods triggered by any Android application (requires the Substrate Framework)
12. Android tamer - custom image
13. Droidscope - custom image for dynamic analysis
14. Crowdroid – unable to find the actual tool
15. AuditdAndroid – android port of auditd, not under active development anymore
16. Android Security Evaluation Framework - not under active development anymore
17. Android Reverse Engineering – ARE (android reverse engineering) not under active development anymore
18. Ijiami (Chinese) - seems dead now
19. Aurasium – rewrites the android app to add security policy, seems dead now
20. Android Linux Kernel modules
21. Appie- Appie is a software package that has been pre-configured to function as an Android Pentesting Environment.It is completely portable and can be carried on USB stick or smartphone.This is a one stop answer for all the tools needed in Android Application Security Assessment and an awesome alternative to existing virtual machines.

REVERSE ENGINEERING

1. Smali/Baksmali – apk decompilation
2. emacs syntax coloring for smali files
3. vim syntax coloring for smali files
4. AndBug
5. Androguard – powerful, integrates well with other tools
6. Apktool – really useful for compilation/decompilation (uses smali)
7. Android Framework for Exploitation
8. Bypass signature and permission checks for IPCs
9. Android OpenDebug – make any application on device debuggable (using cydia substrate).
10. Dare – .dex to .class converter
11. Dex2Jar
12. Dedexer
13. Fino
14. Indroid – thread injection kit
15. IntentFuzzer
16. IntentSniffer
17. Introspy
18. Jad - Java decompiler
19. JD-GUI - Java decompiler
20. CFR - Java decompiler
21. Krakatau - Java decompiler
22. Procyon - Java decompiler
23. Redexer – apk manipulation
24. Smali viewer
25. ZjDroid (no longer available), fork/mirror
26. Simplify Android deobfuscator
27. Bytecode viewer

Exploitable Vulnerabilties

1. Vulnerability Google doc
2. [Root Exploits (from Drozer issue #56)(https://github.com/mwrlabs/drozer/issues/56)

SAMPLE SOURCES

1. contagio mini dump
2. Open Source database

MISC TOOLS/READINGS

1. smalihook
2. APK-Downloader
3. AXMLPrinter2 - to convert binary XML files to human-readable XML files
4. An Android port of the melkor ELF fuzzer
5. adb autocomplete
6. Dalvik opcodes
7. Opcodes table for quick reference
8. A good collection of static analysis papers
9. ExploitMe - for practice
10. GoatDroid - for practice
11. Android Labs - for practice
12. mitmproxy
13. dockerfile/androguard

Other Awesome Lists

Other amazingly awesome lists can be found in the awesome-awesomeness list.

Contributing

Your contributions are always welcome!