drozer Logo

drozer

0
Free
4,306
24 Jun 2025
10 September 2025
Visit Website

drozer is a security testing framework designed for Android platforms that enables security researchers and penetration testers to identify vulnerabilities in mobile applications and devices. The framework operates by interacting with the Android Runtime environment, allowing users to communicate with Inter-Process Communication (IPC) endpoints of other applications and the underlying operating system. This interaction capability enables comprehensive security assessments of Android environments. drozer provides access to public Android exploits and includes tools for understanding, utilizing, and sharing these exploits within the security community. The framework supports vulnerability discovery through systematic testing of Android applications and system components. The tool is maintained by WithSecure as open source software and has been updated to support Python3 in its beta release. The current version includes Docker container support and manual building instructions to ensure compatibility across different environments. Users should note that this beta release has known limitations, including potential client crashes when building custom agents, which are considered outside the scope of the current release.

FEATURES

SIMILAR TOOLS

A tool for extracting static and dynamic features from Android APKs.

A hardware security validation toolkit for x86 platforms that provides bootable tools for checking platform configuration registers and managing SecureBoot keys.

A command line steganography tool that uses LSB technique to hide files within images without visible alteration.

Semi-tethered jailbreak for iPhone 5s to iPhone X, running iOS 12.0 and up, using the 'checkm8' bootrom exploit.

An industrial control system testing tool that enables security researchers to enumerate SCADA controllers, read register values, and modify register data across different testing modes.

Extract local data storage of an Android application in one click.

Python tool for monitoring user-select APIs in Android apps using Frida.

Web-based tool for browsing mobile applications sandbox and previewing SQLite databases.

PLCinject is a tool for injecting and patching blocks on PLCs with a call instruction.

PINNED

Proton Pass Logo

Proton Pass is a cross-platform password manager that provides encrypted storage, password generation, and security monitoring features with integrated 2FA and dark web monitoring capabilities.

Data Protection
NordVPN Logo

NordVPN is a commercial VPN service that encrypts internet connections and hides IP addresses through a global network of servers, featuring integrated threat protection and multi-device support.

Network Security
Mandos Logo

Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.

Consulting
Checkmarx SCA Logo

Checkmarx SCA

A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Application Security
Orca Security Logo

Orca Security

A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

Cloud Security
DryRun Logo

DryRun

A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.

Application Security
CybersecTools logoCybersecTools

Explore the largest curated directory of cybersecurity tools and resources to enhance your security practices. Find the right solution for your domain.

Operated by:

Mandos Cyber • KVK: 97994448

Netherlands • contact@mandos.io

VAT: NL005301434B12

Copyright © 2025 - All rights reserved