GitHub - abhi-r3v0/Adhrit: Adhrit is an open source Android APK reversing and analysis tool that can help secuity researchers and CTF enthusiasts alike. The tool is an effort to cut down on the amount of time spent on reversing and basic reconnassaince of Android applications.

README.md

BUILD STATUS Open Source Love GPL Licence

Adhrit is an open source Android APK reversing and analysis tool that can help security researchers and CTF enthusiasts alike. The tool is an effort to cut down on the amount of time spent on reversing and basic reconnaissance of Android applications. The project is still under progress and will continually incorporate features with time. Feel free to report the issues. Feature requests and suggestions are always welcome!


USES:

  • Extracts the apk contents.
  • Disassembles native libraries
  • Extracts jar out of dex.
  • Extracts source code in Java.
  • Extracts source code in Smali.
  • Recompiles smali into APK
  • Signs the APK
  • Checks for bytecode injection points.
  • Analyzes permissions used by the application.
  • Dumps the Manifest.
  • Dumps the certificate details.
  • Checks for malware footprints in the VirusTotal database.

PRE-REQUISITES:

  • Linux or MAC
  • Java JDK

USAGE:

  1. Dowload the zip or clone the package and extract the tool ( git clone https://github.com/abhi-r3v0/Adhrit.git ).
  2. Place the application in the tool directory.
  3. Open a terminal and cd into the directory.
  4. Run python installer.py for installing the necessary tools.
  5. Use python adhrit.py -h for usage help.

Example: python adhrit.py -a my_app.apk


SCREENSHOTS:

alt text

alt text

alt text

alt text

alt text

alt text


BLOG:

bi0s


MENTIONS:


CREDITS:


NOTE:

  1. Filenames with two '.' may give an error. Please rename the apk in such cases. For example, if your file name is my.app.apk, rename it to myapp.apk

为您推荐了相关的技术文章:

  1. Injecting Metasploit Payloads into Android Applications – Manually
  2. Droidefense - Advance Android Malware Analysis Framework
  3. GitHub - vincentcox/StaCoAn: StaCoAn is a crossplatform tool which aids developers, bugbounty hunters and ethical hackers performing static code analysis on mobile applications.
  4. GitHub - UltimateHackers/Diggy: Extract enpoints from apk files.
  5. Bypassing Android Anti-Emulation, Part (III)

原文链接: github.com