Categories: Kali Linux

Droid Hunter – Android Application Vulnerability Tool

Droid Hunter Android application vulnerability analysis and Android pentest tool.

  • App info check
  • Baksmaling android app
  • Decompile android app
  • Extract class file
  • Extract java code
  • Pattern base Information Leakage

Also Read AhMyth Android Rat – Remote Administration Tool

How to Install Droid Hunter?

  • Download(clone) & Unpack DROID-HUNTER
git clone https://github.com/hahwul/droid-hunter.git
cd droid-hunter
  • Install Ruby GEM
gem install html-table
gem install colorize
  • Set external tools

Editing “./config/config.rb”

# Tool path
$p_adb = "/usr/bin/adb"     
$p_aapt = "/usr/bin/aapt"   # Path aapt
                            # macOS > (https://github.com/hahwul/droid-hunter/issues/12)
$p_dex2jar = File.dirname(__FILE__)+"/../ex_tool/dex2jar-0.0.9.15/dex2jar.sh"
$p_apktool = File.dirname(__FILE__)+"/../ex_tool/apktool/apktool_2.3.1.jar"
$p_jad = File.dirname(__FILE__)+"/../ex_tool/jad/jad"
$p_grep = "/bin/grep"
$p_unzip = "/usr/bin/unzip"
$p_sfilter = File.dirname(__FILE__)+"/../string_filter"
  • Run DROID-HUNTE
ruby dhunter.rb

How to Use?

Usage: ruby dhunter.rb [APK]
Command
-a, --apk : Analysis android APK file.
 + APK Analysis
   => dhunter -a 123.apk[apk file]
   => dhunter --apk 123.apk aaa.apk test.apk hwul.apk
-p, --pentest : Penetration testing Device
 + Pentest Android
   => dhunter -p device[device code]
   => dhunter --pentest device
-v, --version : Show this droid-hunter version
-h, --help : Show help page

TO-DO List

Add Vulnerability Scanning module
Update string pattern
Intent diagram

Screen shot

 

R K

Recent Posts

Shadow-rs : Harnessing Rust’s Power For Kernel-Level Security Research

shadow-rs is a Windows kernel rootkit written in Rust, demonstrating advanced techniques for kernel manipulation…

1 week ago

ExecutePeFromPngViaLNK – Advanced Execution Of Embedded PE Files via PNG And LNK

Extract and execute a PE embedded within a PNG file using an LNK file. The…

2 weeks ago

Red Team Certification – A Comprehensive Guide To Advancing In Cybersecurity Operations

Embark on the journey of becoming a certified Red Team professional with our definitive guide.…

2 weeks ago

CVE-2024-5836 / CVE-2024-6778 : Chromium Sandbox Escape via Extension Exploits

This repository contains proof of concept exploits for CVE-2024-5836 and CVE-2024-6778, which are vulnerabilities within…

3 weeks ago

Rust BOFs – Unlocking New Potentials In Cobalt Strike

This took me like 4 days (+2 days for an update), but I got it…

3 weeks ago

MaLDAPtive – Pioneering LDAP SearchFilter Parsing And Security Framework

MaLDAPtive is a framework for LDAP SearchFilter parsing, obfuscation, deobfuscation and detection. Its foundation is…

3 weeks ago