Drozer from MWR labs (formerly known as Mercury) is one of the most leveraged Android security frameworks for pentesting Android applications. Drozer enables scanning for security vulnerabilities in Android applications by taking the role of a native Android application and interacting with the Dalvik Virtual Machine, other applications’ IPC endpoints and the OS beneath.
The drozer build in tools enables you to use, share and understand public Android exploits. It enables you to send a drozer agent to a device through exploitation or social engineering and perform various tasks on remote devices.
Drozer is an open source tool and the source code for drozer can be found in various GitHub project repositories.
The drozer tool is the combination of two key components:
Here is the simple representation of the working of drozer.
From Version 2.0, drozer introduced the Infrastructure Mode. In this mode, the drozer Agent sets up an association outward to pass through firewalls and NAT. This allows one to create a more realistic attack. This mode requires a Server, which we will address further in this article.
*** This is a Security Bloggers Network syndicated blog from InfoSec Resources authored by Sumit Bhattacharya. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/dvUe7Cm2IrQ/
Leading UK Credit Card Consumer Finance Company Uses Advanced Graph Analytics to Intercept Fraudulent Credit Card Applications, Boost Anti-Fraud Efforts…
Digital+ Partners Leads Continuation Funding Round in Growing Automated Threat Analysis & Detection Provider, Closing its Series B Round at…
For three years OpenWRT had a severe validation problem with its download package manager, until a fuzz tester found and…
It’s time to say a final “Goodbye” to Flash. (Or should that be “Good riddance”?) With earlier this week seeing…
1. Be a student of (information security, network security, cyber security). Always strive to know what the latest tactics, trends,…
This is the second in a series of blog posts that discuss how smart DNS resolvers can enhance ongoing network…