Quick Android Review Kit Logo

Quick Android Review Kit

0
Free
Visit Website

This tool is designed to look for several security related Android application vulnerabilities, either in source code or packaged APKs. There is no need to root the test device, as this tool focuses on vulnerabilities that can be exploited under otherwise secure conditions. It is capable of creating "Proof-of-Concept" deployable APKs and/or ADB commands, capable of exploiting many of the vulnerabilities it finds. For more options please see the --help command. Results: A report is generated in JSON and can be built into other format types, to change the report type please use the --report-type flag. Installation: With pip (no security checks on requirements): ~ pip install --user qark # --user is only needed if not using a virtualenv ~ qark --help With requirements.txt (security checks on requirements): ~ git clone https://github.com/linkedin/qark ~ cd qark ~ pip install -r requirements.txt ~ pip install . --user # --user is only needed if not using a virtualenv

FEATURES

ALTERNATIVES

A vulnerability assessment and management tool that uses patented technology to accurately identify vulnerabilities and prioritize them by risk.

An open source project for static analysis of vulnerabilities in application containers

iOS application for testing iOS penetration testing skills in a legal environment.

Weekly security newsletter with advisories from major software vendors

A JavaScript scanner built in PHP for scraping URLs and other information.

A free and open-source deliberately insecure web application for security enthusiasts, developers, and students to discover and prevent web vulnerabilities.

A Pythonic interface to the Internet Storm Center / DShield API

Tool to identify and understand code-injection vulnerabilities in Windows 7 UAC whitelist system.