The android application analyzer is the GUI to do the process of static analysis during the android application penetration testing with single-click support of jd-gui, apktool, MobSF, frida script hook and android logcat.
7. Static Analysis
To check for
Source-code
obfuscation
Debuggable Flag
Backup Flag
Exported Activity, Services,
Broadcast, Provider
Source Code Analysis
Hardcoded Sensitive
Information
Deep link URL Schemes
8. Static Analysis
To check for
Source-code
obfuscation
Debuggable Flag
Backup Flag
Exported Activity, Services,
Broadcast, Provider
Source Code Analysis
Hardcoded Sensitive
Information
Deep link URL Schemes
Install APK
Exploitation
Framework
Exploit Exported
Component
• Activity
• Services
• Broadcast
• Provider
9. Static Analysis
To check for
Source-code
obfuscation
Debuggable Flag
Backup Flag
Exported Activity, Services,
Broadcast, Provider
Source Code Analysis
Hardcoded Sensitive
Information
Deep link URL Schemes
Install APK
Exploitation
Framework
Exploit Exported
Component
• Activity
• Services
• Broadcast
• Provider
To check
Sensitive
information
in Logcat
10. Static Analysis
To check for
Source-code
obfuscation
Debuggable Flag
Backup Flag
Exported Activity, Services,
Broadcast, Provider
Source Code Analysis
Hardcoded Sensitive
Information
Deep link URL Schemes
Install APK
To check for sensitive
information (Insecure Local
Storage)
• /data/data/AppFolder
• /sdcard/data/AppFolder
Exploitation
Framework
Exploit Exported
Component
• Activity
• Services
• Broadcast
• Provider
To check
Sensitive
information
in Logcat
13. Static Analysis
To check for
Source-code
obfuscation
Debuggable Flag
Backup Flag
Exported Activity, Services,
Broadcast, Provider
Source Code Analysis
Hardcoded Sensitive
Information
Deep link URL Schemes
Install APK
To check for sensitive
information (Insecure Local
Storage)
• /data/data/AppFolder
• /sdcard/data/AppFolder
Exploitation
Framework
Exploit Exported
Component
• Activity
• Services
• Broadcast
• Provider
To check
Sensitive
information
in Logcat
To bypass
checks and
carryon
penetration
testing
14. Static Analysis
To check for
Source-code
obfuscation
Debuggable Flag
Backup Flag
Exported Activity, Services,
Broadcast, Provider
Source Code Analysis
Hardcoded Sensitive
Information
Deep link URL Schemes
Install APK
To check for sensitive
information (Insecure Local
Storage)
• /data/data/AppFolder
• /sdcard/data/AppFolder
Exploitation
Framework
Exploit Exported
Component
• Activity
• Services
• Broadcast
• Provider
To
Hook the
code, To
Bypass SSL
Pinning and
other client-
side
validation
To check
Sensitive
information
in Logcat
To bypass
checks and
carryon
penetration
testing
15. Static Analysis
To check for
Source-code
obfuscation
Debuggable Flag
Backup Flag
Exported Activity, Services,
Broadcast, Provider
Source Code Analysis
Hardcoded Sensitive
Information
Deep link URL Schemes
Install APK
To check for sensitive
information (Insecure Local
Storage)
• /data/data/AppFolder
• /sdcard/data/AppFolder
Exploitation
Framework
Exploit Exported
Component
• Activity
• Services
• Broadcast
• Provider
To bypass
checks and
carryon
penetration
testing
To
Hook the
code, To
Bypass SSL
Pinning and
other client-
side
validation
To bypass client-side check, To
trace certain function
• Decompile Using APK
• Modify the source using Text
Editor
• Compile APK from Modified
Source
• Sign APK using Sign.Jar
• Uninstall old APK
• Install New APK
Source-Code
Obfuscated
To check
Sensitive
information
in Logcat
16. Static Analysis
To check for
Source-code
obfuscation
Debuggable Flag
Backup Flag
Exported Activity, Services,
Broadcast, Provider
Source Code Analysis
Hardcoded Sensitive
Information
Deep link URL Schemes
Install APK
To check for sensitive
information (Insecure Local
Storage)
• /data/data/AppFolder
• /sdcard/data/AppFolder
Exploitation
Framework
Exploit Exported
Component
• Activity
• Services
• Broadcast
• Provider
To bypass
checks and
carryon
penetration
testing
To
Hook the
code, To
Bypass SSL
Pinning and
other client-
side
validation
To bypass client-side check, To
trace certain function
• Decompile Using APK
• Modify the source using Text
Editor
• Compile APK from Modified
Source
• Sign APK using Sign.Jar
• Uninstall old APK
• Install New APK
Source-Code
Obfuscated
To check
Sensitive
information
in Logcat
To
dump
App
Memory
17. Android Application Analyzer
- GUI for Android Application static analysis
- To Save Time
- To cover all the test cases during penetration testing
19. Prerequisites
- Python3
- Frida client installed on host machine
- MobSF available on http://localhost:8000
- For Universal Frida SSL Unpinning, Replace the burp certificate in “tools”
directory
- For Fridump, Application needs to be running on the device
22. Demo
Install APK
To check for sensitive
information (Insecure Local
Storage)
• /data/data/AppFolder
• /sdcard/data/AppFolder
23. Demo
Install APK
To check for sensitive
information (Insecure Local
Storage)
• /data/data/AppFolder
• /sdcard/data/AppFolder
To check
Sensitive
information
in Logcat
24. Demo
Debuggable Flag
Backup Flag
Exported Activity, Services,
Broadcast, Provider
Source Code Analysis
Hardcoded Sensitive
Information
Deep link URL Schemes
Install APK
To check for sensitive
information (Insecure Local
Storage)
• /data/data/AppFolder
• /sdcard/data/AppFolder
Exploitation
Framework
Exploit Exported
Component
• Activity
• Services
• Broadcast
• Provider
To check
Sensitive
information
in Logcat
25. Demo
To check for
Source-code
obfuscation
Debuggable Flag
Backup Flag
Exported Activity, Services,
Broadcast, Provider
Source Code Analysis
Hardcoded Sensitive
Information
Deep link URL Schemes
Install APK
To check for sensitive
information (Insecure Local
Storage)
• /data/data/AppFolder
• /sdcard/data/AppFolder
Exploitation
Framework
Exploit Exported
Component
• Activity
• Services
• Broadcast
• Provider
To check
Sensitive
information
in Logcat
26. Demo
To check for
Source-code
obfuscation
Debuggable Flag
Backup Flag
Exported Activity, Services,
Broadcast, Provider
Source Code Analysis
Hardcoded Sensitive
Information
Deep link URL Schemes
Install APK
To check for sensitive
information (Insecure Local
Storage)
• /data/data/AppFolder
• /sdcard/data/AppFolder
Exploitation
Framework
Exploit Exported
Component
• Activity
• Services
• Broadcast
• Provider
To
Hook the
code, To
Bypass SSL
Pinning and
other client-
side
validation
To check
Sensitive
information
in Logcat
To bypass
checks and
carryon
penetration
testing
27. Demo
To check for
Source-code
obfuscation
Debuggable Flag
Backup Flag
Exported Activity, Services,
Broadcast, Provider
Source Code Analysis
Hardcoded Sensitive
Information
Deep link URL Schemes
Install APK
To check for sensitive
information (Insecure Local
Storage)
• /data/data/AppFolder
• /sdcard/data/AppFolder
Exploitation
Framework
Exploit Exported
Component
• Activity
• Services
• Broadcast
• Provider
To bypass
checks and
carryon
penetration
testing
To
Hook the
code, To
Bypass SSL
Pinning and
other client-
side
validation
To bypass client-side check, To
trace certain function
• Decompile Using APK
• Modify the source using Text
Editor
• Compile APK from Modified
Source
• Sign APK using Sign.Jar
• Uninstall old APK
• Install New APK
Source-Code
Obfuscated
To check
Sensitive
information
in Logcat
28. Demo
To check for
Source-code
obfuscation
Debuggable Flag
Backup Flag
Exported Activity, Services,
Broadcast, Provider
Source Code Analysis
Hardcoded Sensitive
Information
Deep link URL Schemes
Install APK
To check for sensitive
information (Insecure Local
Storage)
• /data/data/AppFolder
• /sdcard/data/AppFolder
Exploitation
Framework
Exploit Exported
Component
• Activity
• Services
• Broadcast
• Provider
To bypass
checks and
carryon
penetration
testing
To
Hook the
code, To
Bypass SSL
Pinning and
other client-
side
validation
To bypass client-side check, To
trace certain function
• Decompile Using APK
• Modify the source using Text
Editor
• Compile APK from Modified
Source
• Sign APK using Sign.Jar
• Uninstall old APK
• Install New APK
Source-Code
Obfuscated
To check
Sensitive
information
in Logcat
To
dump
App
Memory