Security monitoring by Android security companies is more commonly used to check Android vulnerabilities. Here you can find the comprehensive tools and resource list for Android Penetration Testing in Android Mobiles. You can find them here.
- NowSecure Lab Automated – a mobile app security testing enterprise tool that tests both Android and iOS mobile apps. Lab Automated delivers dynamic and static analysis on real cloud devices to produce results in minutes. Not free
- AppCritique – Upload and receive full free security assessments your Android APKs
- Visual Threat
- Mobile Malware Sandbox
- Appknox – not free
- IBM Security AppScan Mobile Analyzer – not free
- NVISO ApkScan
- AVC UnDroid
- habo 10/day
- Virustotal-max 128MB
- Fraunhofer App-ray – not free
Static Analysis Tools
- CFGScanDroid–CFG scans and compares malicious applications against CFG.
- Madrolyzer-extracts operating data such as C&C, telephone number etc.
- SPARTA–Checks (proves) that the app complies with a security information flow policy based on the Checker Framework.
- ConDroid–Conducts a symbolic + concrete application execution combination.
- RiskInDroid–A tool that allows Android apps to calculate their risk using an online demo.
- SUPER–Android analyzer stable, unified, powerful and extensible rust.
- ClassyShark–Standalone binary inspection tool to browse and display important information about every Android executable.
Android SecurityApp Vulnerability Scanners
- QARK–LinkedIn’s QARK is an application developer that checks security issues.
- Devknox–Fixed Android Security issues like your IDE’s spell check.
- JAADAS–Intra-procedural and inter-procedural tool for analyzing vulnerabilities in Android Soot and Scala-based applications.
Dynamic Analysis Tools
- Android DBI framework.
- Androl4b–A virtual computer for Android, Reverse Engineering and Analysis applications.
- Android Malware Analysis Toolkit –(Linux distro) In the past,
- Mobile-Security-Framework (MobSF) is a mobile, all-in – one, mobile open source (Android / iOS) automated pen testing system that performs static, dynamic analysis and web testing.
- AppUse–custom-built for pentesting
- Cobradroid –customized image for malware analysis
- Droidbox Drozer Xposed–equivalent to injecting Stub based code with API hooks, start unexported activities, and more, without any modifications to the binary inspection, Android Package Inspector. (Xposed Module)
- Android Hooker–Dynamic Java code instruments (needs a Substrate System)
- ProbeDroid–Dynamic Java application instrumentation
- Android Tamer–Virtual / Live Android Security Professional Platform
- DECAF–QEMU based Executable Coding Framework (DroidScope is now a DECAF extension)
- Android Linux kernel modules
- Appie is a pre-configured software package for Android Pentesting Environment. It is fully portable and can be transported on a USB stick or on a smartphone. This is a one-stop response to all the tools needed in Android Application Security Assessments as well as a great alternative to virtual machinery.
- StaDynA–a safety application analysis system that supports dynamic code update functions (loading and reflection of dynamic class). This tool combines static and dynamic analysis of Android applications to reveal hidden / updated behavior and to add this information to static analysis results.
- Vezir Project–Virtual Machine for Mobile Application Pentesting and Mobile Malware Analysis
- MARA- Mobile Application Reverse Engineering and Analysis Framework
- Mobile Application Reverse Engineering and Analysis System
- Taintdroid- includes AOSP compilation.
- Jad – Java decompiler
- JD-GUI – Java decompiler
- CFR – Java decompiler
- Krakatau – Java decompiler
- Procyon – Java decompiler
- FernFlower – Java decompiler
- Redexer – apk manipulation
- Smali viewer
Simplify Android deobfuscator
- Bytecode viewer
- Smali/Baksmali – apk decompilation
- emacs syntax coloring for smali files
- vim syntax coloring for smali files
- Androguard – powerful, integrates well with other tools
- Apktool – really useful for compilation/decompilation (uses smali)
- Android Framework for Exploitation
- Bypass signature and permission checks for IPCs
- Android OpenDebug – make any application on device debuggable (using cydia substrate).
- Dare – .dex to .class converter
- Dex2Jar – dex to jar converter
- Enjarify – dex to jar converter from Google
- Indroid – thread injection kit
- An Android port of the melkor ELF fuzzer
- Media Fuzzing Framework for Android
- Radamsa Fuzzer
App Repackaging Detectors
- FSquaDRA – a Android Security tool for detection of repackaged Android applications based on app resources hash comparison.
- Google play crawler (Java)
- Google play crawler (Python)
- Google play crawler (Node) – get app details and download apps from official Google Play Store.
- Aptoide downloader (Node) – download apps from Aptoide third-party Android market
- Appland downloader (Node) – download apps from Appland third-party Android market
- adb autocomplete
- Dalvik opcodes
- Opcodes table for quick reference
- ExploitMe Android Labs – for practice
- GoatDroid – for practice
- AXMLPrinter2 – to convert binary XML files to human-readable XML files
- Android Vulnerability Test Suite – android-vts scans a device for set of vulnerabilities
- AppMon– AppMon is an automated framework for monitoring and tampering system API calls of native macOS, iOS and android apps. It is based on Frida.