Android Vulnerability Test Suite Logo

Android Vulnerability Test Suite

0
Free
Visit Website

This tool was meant to show the end user the attack surface that a given device is susceptible to. In implementing these checks we attempt to minimize or eliminate both false positives/false negatives without negatively affecting system stability. Rationale for necessity: When a vulnerability is discovered, Google receives word and applies a patch to Android. The Nexus devices are usually the devices that receive these patches quickest as they deviate the least (read: not at all) from AOSP (Android Open Source Project - The core of Android, where Google commits to). For example, the futex bug (CVE-2014-3153/Towelroot) was known about in late May, early June. This bug took multiple months to get patched on the flagship (at the time) Nexus 5. This leaves users extremely vulnerable to attack from applications. Users mostly do not know that their devices are vulnerable.

FEATURES

ALTERNATIVES

A tool that checks for hijackable packages in NPM and Python Pypi registries

Python-based extension for integrating a Yara scanner into Burp Suite for on-demand website scans based on custom rules.

An application security platform that aggregates, prioritizes and contextualizes vulnerabilities from multiple security scanners and sources to help manage application and cloud security risks.

A ruby script that scans for vulnerable 3rd-party web applications

List of publicly disclosed vulnerabilities with security filters and detailed advisories.

An OSINT tool that generates username lists for companies on LinkedIn for social engineering attacks or security testing purposes.

A comprehensive guide to Android Security

A tool to run YARA rules against node_module folders to identify suspicious scripts

PINNED