Android Security

AndroBugs Framework is an Android vulnerability analysis system that scans mobile applications for security vulnerabilities, missing best practices, and dangerous shell commands.

A modular Python tool that obfuscates Android applications by manipulating decompiled smali code, resources, and manifest files without requiring source code access.

An Emacs major mode that provides syntax highlighting and enhanced readability for smali code files used in Android malware analysis.

Introspy-Android is a dynamic analysis framework that hooks Android APIs at runtime to monitor application behavior and identify security vulnerabilities on rooted devices.

A command-line tool for downloading Android APK files from the Appland platform via npm installation.

FSquaDRA detects repackaged Android applications by computing Jaccard similarity over file digests within APK packages using pre-computed signing digests for improved performance.

Aptoide is an alternative Android application marketplace that enables APK downloads and metadata retrieval for mobile security research and analysis.

CuckooDroid extends Cuckoo Sandbox to provide automated dynamic analysis of Android applications in a controlled sandbox environment.

Runtime mobile exploration toolkit powered by Frida for assessing mobile app security without jailbreak.

A web-based Android application dynamic analysis tool that provides real-time Frida instrumentation capabilities through a Flask interface with modular JavaScript hooking support.

A comprehensive guide to Android Security

Mobile Audit is a Docker-based SAST and malware analysis tool that performs comprehensive security analysis of Android APK files, including vulnerability detection, certificate verification, and Virus Total integration.

A forensic toolkit for analyzing Android and iOS devices to detect potential spyware infections and security compromises using indicators of compromise.

CFGScanDroid is a Java utility that compares control flow graph signatures to Android method control flow graphs for malicious application detection.

ConDroid is a concolic execution framework for Android applications that automates dynamic analysis by driving execution to specific code locations without manual interaction.

A collection of security reports and resources documenting various Android application vulnerabilities including hardcoded credentials, insecure deeplinks, and code execution flaws.

Redexer is a reengineering tool that parses, analyzes, and modifies Android DEX files for binary manipulation and permission analysis.

ReFlutter is a reverse engineering framework that uses patched Flutter libraries to enable dynamic analysis and traffic monitoring of Flutter mobile applications on Android and iOS platforms.

A command-line Android APK vulnerability analyzer written in Rust that decompresses and scans APK files using rule-based detection to identify security issues.

A Java-based API tool for programmatically searching and downloading Android applications from Google Play Store with Galaxy S3 device compatibility.

A Bash completion script that provides auto-completion functionality for Android SDK command-line tools including adb, emulator, fastboot, and repo.

DroidBox is a dynamic analysis framework for Android applications that monitors runtime behavior, network activity, file operations, and security events while generating behavioral visualizations.

Integrates static APK analysis with Yara and requires re-compilation of Yara with the androguard module.

Inspeckage is a dynamic analysis tool for Android applications that provides runtime behavior monitoring through API hooking and real-time system interaction tracking.