Android Penetration Tools Walkthrough Series: AndroBugs Framework

Android apps are arguably the most commonly used features of smartphones on the market today. Our lives are made more organized, faster, and more streamlined as a result of them. However, with all of these Android apps in use and thousands more coming every year, debugging Android apps is becoming all the more important.

To this end, AndroBugs Framework presents a solution to this ever-present need. AndroBugs Framework is an Android app security vulnerability scanner that Android developers and hackers can use to easily scan an Android app for security vulnerabilities, possible exploits and even whether the code satisfies best practices.

Yu Cheng-Lin is an Android Security Researcher based out of Taiwan and the creator of the AndroBugs Framework. His career led him to the discovery of countless security flaws in Android applications of some of the biggest tech companies in the world, including Facebook and Twitter. Yu Cheng-Lin had previously built an Android app scanner as part of his master’s degree in 2014 and decided to open-source his personal Android vulnerability scanner to the public. Yu Cheng-Lin currently hosts the application on Github at https://github.com/AndroBugs/AndroBugs_Framework.

AndroBugs Framework is capable of scanning Android applications and uncovering various types of security-related vulnerabilities. AndroBugs Framework has what has been described by as “the most efficient” and most accurate Android vulnerability analysis system. What does this translate to regarding vulnerability analysis performance? Speed and simplicity of design. This translates into Android app scans of less than two minutes per scan. This valuable time-saving feature will likely be appreciated by the Android developers worldwide.

  • Find security vulnerabilities in an Android app, including vulnerabilities susceptible to exploitation by hackers
  • Check if the code is missing best practices
  • Check dangerous shell commands. For example – “su”
  • Collect Information from millions of apps
  • Check the app’s (Read more...)

*** This is a Security Bloggers Network syndicated blog from InfoSec Resources authored by Greg Belding. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/BkPUvwqyqcM/