From 3fa924c28e13c5c2aec69ee25731889b7962c200 Mon Sep 17 00:00:00 2001 From: Anant Shrivastava Date: Tue, 2 Feb 2016 20:57:15 +0000 Subject: [PATCH] added couple of android tools --- README.md | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index 8a54cbd..f947079 100644 --- a/README.md +++ b/README.md 
@@ -59,18 +59,19 @@ The Mobile App Pentest cheat sheet was created to provide concise collection of * [JD-Gui](http://jd.benow.ca/) - A tool for decompiling and analyzing Java code. * [FindBugs](http://findbugs.sourceforge.net/) + [FindSecurityBugs](http://h3xstream.github.io/find-sec-bugs/) - FindSecurityBugs is a extension for FindBugs which include security rules for Java applications. * [Qark](https://github.com/linkedin/qark) - This tool is designed to look for several security related Android application vulnerabilities, either in source code or packaged APKs. -* [AndroBugs] (https://github.com/AndroBugs/AndroBugs_Framework) - AndroBugs Framework is an efficient Android vulnerability scanner that helps developers or hackers find potential security vulnerabilities in Android applications. No need to install on Windows. +* [AndroBugs](https://github.com/AndroBugs/AndroBugs_Framework) - AndroBugs Framework is an efficient Android vulnerability scanner that helps developers or hackers find potential security vulnerabilities in Android applications. No need to install on Windows. * [Simplify](https://github.com/CalebFenton/simplify) - A tool for de-obfuscating android package into Classes.dex which can be use Dex2jar and JD-GUI to extract contents of dex file. * simplify.jar -i [input smali files or folder] -o [output dex file] * [ClassNameDeobfuscator](https://github.com/HamiltonianCycle/ClassNameDeobfuscator) - Simple script to parse through the .smali files produced by apktool and extract the .source annotation lines. #### Dynamic and Runtime Analysis -* [Introspy-Android](https://github.com/iSECPartners/Introspy-Android) - Blackbox tool to help understand what an Android application is doing at runtime and assist in the identification of potential security issues. 
* [Cydia Substrate](http://www.cydiasubstrate.com/) - Cydia Substrate for Android enables developers to make changes to existing software with Substrate extensions that are injected in to the target process's memory. * [Xposed Framework](http://forum.xda-developers.com/xposed/xposed-installer-versions-changelog-t2714053) - Xposed framework enables you to modify the system or application aspect and behaviour at runtime, without modifying any Android application package(APK) or re-flashing. * [CatLog](https://github.com/nolanlawson/Catlog) - Graphical log reader for Android. * [Droidbox](https://code.google.com/p/droidbox/) - DroidBox is developed to offer dynamic analysis of Android applications. * [Frida](http://www.frida.re/) - The toolkit works using a client-server model and lets you inject in to running processes not just on Android, but also on iOS, Windows and Mac. +* [Cukoo-Droid](https://github.com/idanr1986/cuckoo-droid) - Designed for malware analysis however gives out lots of information about the application and is a useful tool for pentester. +* [Cydia Substrate: Introspy-Android](https://github.com/iSECPartners/Introspy-Android) - Blackbox tool to help understand what an Android application is doing at runtime and assist in the identification of potential security issues. * [Drozer](https://www.mwrinfosecurity.com/products/drozer/) - Drozer allows you to search for security vulnerabilities in apps and devices by assuming the role of an app and interacting with the Dalvik VM, other apps' IPC endpoints and the underlying OS. * Starting a session * adb forward tcp:31415 tcp:31415 
@@ -113,9 +114,10 @@ The Mobile App Pentest cheat sheet was created to provide concise collection of * [Proxydroid](https://play.google.com/store/apps/details?id=org.proxydroid) - Global Proxy App for Android System. #### Bypassing Root Detection and SSL Pinning -* [Android SSL Trust Killer](https://github.com/iSECPartners/Android-SSL-TrustKiller) - Blackbox tool to bypass SSL certificate pinning for most applications running on a device. -* [Android-ssl-bypass] (https://github.com/iSECPartners/android-ssl-bypass) - an Android debugging tool that can be used for bypassing SSL, even when certificate pinning is implemented, as well as other debugging tasks. The tool runs as an interactive console. -* [RootCoak Plus](https://github.com/devadvance/rootcloakplus) - Patch root checking for commonly known indications of root. +* [Xposed module: Just Trust Me](https://github.com/Fuzion24/JustTrustMe) - Xposed Module to bypass SSL certificate pinning. +* [Cydia Substrate Module: Android SSL Trust Killer](https://github.com/iSECPartners/Android-SSL-TrustKiller) - Blackbox tool to bypass SSL certificate pinning for most applications running on a device. +* [Android-ssl-bypass](https://github.com/iSECPartners/android-ssl-bypass) - an Android debugging tool that can be used for bypassing SSL, even when certificate pinning is implemented, as well as other debugging tasks. The tool runs as an interactive console. +* [Xposed module: RootCoak Plus](https://github.com/devadvance/rootcloakplus) - Patch root checking for commonly known indications of root. #### Security Libraries * [PublicKey Pinning](https://www.owasp.org/images/1/1f/Pubkey-pin-android.zip) - Pinning in Android can be accomplished through a custom X509TrustManager. X509TrustManager should perform the customary X509 checks in addition to performing the pinning configuration.
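Review bot: In the first hunk (@@ -59,18 +59,19 @@), the added entry's link text is spelled "Cukoo-Droid" while the URL it points to ends in cuckoo-droid, so the label should read "Cuckoo-Droid". The description also needs a grammar pass ("a useful tool for pentester" should be "a useful tool for pentesters"). The relabelled Introspy entry uses the prefix "Cydia Substrate:", whereas the second hunk uses "Cydia Substrate Module:" for the same kind of dependency. Pick one form and use it in both places. The entry now also sits after Frida rather than next to the Cydia Substrate line it depends on. Placing it directly under that line would make the relationship clear to readers scanning the list.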
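Review bot: In the second hunk (@@ -113,9 +114,10 @@), the rewritten last entry keeps the link text "RootCoak Plus" although its URL ends in rootcloakplus. Since the line is being changed anyway, correct the label to "RootCloak Plus". The new prefixes are inconsistently capitalised: "Xposed module:" on the Just Trust Me and RootCoak Plus lines versus "Cydia Substrate Module:" on the Android SSL Trust Killer line. The subject "added couple of android tools" also undersells the change, since both hunks fix link formatting (the stray space after "[AndroBugs]" and "[Android-ssl-bypass]") and relabel existing entries. Consider mentioning that in the commit message or splitting it into a separate commit.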