Android Security

An unofficial Python API that enables programmatic searching, browsing, and downloading of Android apps from Google Play Store.

OVAA is an intentionally vulnerable Android application that aggregates common platform security vulnerabilities for educational and security testing purposes.

A repository aiming to archive all Android security presentations and whitepapers from conferences.

Fridump is an open source memory dumping tool that uses the Frida framework to extract accessible memory addresses from iOS, Android, and Windows applications for security testing and analysis.

AFE Android Framework for Exploitation is a framework that provides tools and techniques for exploiting vulnerabilities in Android devices and applications.

A deliberately vulnerable Android application containing multiple security flaws designed for educational purposes and security training.

A security checklist based on OWASP standards that provides comprehensive guidelines for designing, testing, and releasing secure Android applications.

An open-source dynamic analysis framework that intercepts and monitors API calls in Android applications using the Android Substrate framework.

AppMon is a Frida-based automated framework for monitoring and tampering with system API calls across macOS, iOS, and Android applications.

An Android port of the Radamsa fuzzing tool compiled with Android NDK to support Android ABIs for security testing on mobile platforms.

RiskInDroid is a machine learning-based tool that performs quantitative risk analysis of Android applications by reverse engineering bytecode and analyzing permission usage to generate numeric risk scores.

UDcide is an Android malware analysis tool that detects and removes specific malicious behaviors from malware samples while preserving the binary for investigation purposes.

AMExtractor is an Android memory acquisition tool that dumps physical device memory using /dev/kmem without requiring kernel source code.

A security policy enforcement framework for Android applications that uses bytecode rewriting and in-place reference monitoring to inject security controls into APK files.

QARK is a static analysis tool that scans Android applications for security vulnerabilities and can generate proof-of-concept exploits for discovered issues.

Docker file for building Androguard dependencies with an optional interactive shell environment.

DroidRA is an instrumentation-based Android security analysis tool that improves the accuracy of reflective call analysis through composite constant propagation techniques.

AndroBugs Framework is an Android vulnerability analysis system that scans mobile applications for security vulnerabilities, missing best practices, and dangerous shell commands.

A modular Python tool that obfuscates Android applications by manipulating decompiled smali code, resources, and manifest files without requiring source code access.

An Emacs major mode that provides syntax highlighting and enhanced readability for smali code files used in Android malware analysis.

Introspy-Android is a dynamic analysis framework that hooks Android APIs at runtime to monitor application behavior and identify security vulnerabilities on rooted devices.

A command-line tool for downloading Android APK files from the Appland platform via npm installation.

FSquaDRA detects repackaged Android applications by computing Jaccard similarity over file digests within APK packages using pre-computed signing digests for improved performance.

Aptoide is an alternative Android application marketplace that enables APK downloads and metadata retrieval for mobile security research and analysis.