A Virtual Machine For Assessing Android applications, Reverse Engineering and Malware Analysis – AndroL4b

AndroL4b is an android security virtual machine in view of ubuntu-mate incorporates the accumulation of most recent framework, instructional exercises and labs from various security nerds and researchers for figuring out and malware analysis.

What’s new in Androl4b v.3?

1. Tools are updated
2. New tools and lab included
3. Upgraded to Ubuntu mate 17.04
4. Some cleanup

Tools

Radare2 Unix-like reverse engineering framework and commandline tools

Frida Inject JavaScript to explore native apps on Windows, macOS, Linux, iOS, Android, and QNX.

ByteCodeViewer Android APK Reverse Engineering Suite (Decompiler, Editor, Debugger)

Mobile Security Framework (MobSF) (Android/iOS) Automated Pentesting Framework (Just Static Analysis in this VM)

Drozer Security Assessment Framework for Android Applications

APKtool Reverse Engineering Android Apks

AndroidStudio IDE For Android Application Development

BurpSuite Assessing Application Security

Wireshark Network Protocol Analyzer

MARA Mobile Application Reverse engineering and Analysis Framework

FindBugs-IDEA Static byte code analysis to look for bugs in Java code

AndroBugs Framework Android vulnerability scanner that helps developers or hackers find potential security vulnerabilities in Android applications

Qark Tool to look for several security related Android application vulnerabilities

Labs:

Damn Insecure and vulnerable App for Android(DIVA) Vulnerable Android Application

InsecureBankv2 Vulnerable Android Application

Android Security Sandbox An app showcase of some techniques to improve Android app security

GoatDroid A fully functional and self-contained training environment for educating developers and testers on Android security