If you are pen-testing Android applications, you will need to monitor/check many things at the same time. While doing dynamic analysis, one must take care of all communication, local storage, logs, and what not.
Inspeckage a dynamic Android application analysis tool present under Xposed Framework which makes dynamic analysis very easy. Its various features make it very useful with its inbuilt web server providing simplistic GUI.
We will be using Android 5.1 device on Genymotion in Linux to demonstrate Inspeckage. You can find tons of tutorials on how to setup Genymotion in Linux
(here). Another prerequisite is to have Xposed Framework installed in your rooted device(emulator). You can follow
this tutorial for installing Xposed through apk file on your Genymotion.
This Genymotion 5.1(Marshmallow) has Xposed installed in it. Now let’s see the installation of Inspeckage from the Xposed framework.
Open the Xposed framework application, and navigate to Download as shown below,
Next, we will have to search for the “Inspeckage tool” from the plethora of modules present under the Xposed framework. As you can see from the snapshot below, search results show that we have Inspeckage – Android Package Inspector.”
As we can see, Inspeckage is used for Dynamic analysis of the Android application. Now comes the question what is dynamic analysis? If this tool is used for dynamic analysis then, there must be tools for static analysis as well, right?
Yes, static analysis of ANdroid application means that you check for all the code, permissions of activities, hardcoded things used, URLs which can be connected directly as well as root detection or any important logic. (more on static analysis is
here.) Whereas in dynamic analysis, you run the application, observe how the application works and perform testing.
Click on the module, and you will find (Read more...)
*** This is a Security Bloggers Network syndicated blog from InfoSec Resources authored by Anand Varia. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/vScMuybhttM/