Android Vulnerability Scanner: AndroBugs

AndroBugs Framework is an Android vulnerability analysis system that helps developers or hackers find potential security vulnerabilities in Android applications. No splendid GUI interface, but the most efficient (less than 2 minutes per scan in average) and more accurate.

Features:

  • Find security vulnerabilities in an Android app
  • Check if the code is missing best practices
  • Check dangerous shell commands (e.g. “su”)
  • Collect Information from millions of apps
  • Check the app’s security protection (marked as <Hacker>, designed for app repackaging hacking)

Steup Steps and Usage for Windows

Easy to use for Android developers or hackers on Microsoft Windows: (a) No need to install Python 2.7 (b) No need to install any 3rd-party library (c) No need to install AndroBugs Framework
  1. mkdir C:AndroBugs_Framework
  2. cd C:AndroBugs_Framework
  3. Unzip the latest Windows version of AndroBugs Framework from Windows releases
  4. Go to Computer->System Properties->Advanced->Environment Variables. Add “C:AndroBugs_Framework” to the “Path” variable
  5. androbugs.exe -h
  6. androbugs.exe -f [APK file]

Usage for Unix/Linux

To run the AndroBugs Framework:

python androbugs.py -f [APK file]

To check the usage:

python androbugs.py -h
Example:
python AndroBugs_ReportByVectorKey.py -v WEBVIEW_RCE -l Critical -b 20151112 -t BlackHat
python AndroBugs_ReportByVectorKey.py -v WEBVIEW_RCE -l Critical -b 20151112 -t BlackHat -a

Download and read more at

Android Vulnerability Scanner

Rated 4.9/5 based on 987 reviews

You can also see the Android application penetration testing course.

Irfan Shakeel
Irfan Shakeel, the founder of ehacking project, he also hosts cyber security training classes at EH Academy. He has discovered many vulnerabilities in the famous platforms (like Google, Dailymotion, Harvard University & etc.). He specializes in Network hacking, VoIP pentesting & digital forensics. He is the author of the book title “Hacking from Scratch”.

Most Popular

The Complete OSINT Tutorial to Find Personal Information About Anyone

This article mainly focuses on how to discover a person's digital footprint and gather personal data by using open-source intelligence (OSINT). So, in its...

How to find the password of hacked email addresses using OSINT

Open-source intelligence or OSINT is a potent technique, and it can give a lot of valuable information, if implemented correctly with the right strategy...

How to Identify Company’s Hacked Email Addresses Using Maltego & HaveIbeenPawned

This article is part of the Maltego OSINT tutorial, where you will learn to identify the already hacked account, and it’s password using the...

5 Key Vulnerabilities in Global Payroll

The cyber threat against payroll is growing in sophistication and frequency, according to the latest FBI cybercrime report. Many of these attacks exploit fixable...