Hacking Tools

Mobile Helper Framework – Automate App Analysis And Security Insights

Is a tool that automates the process of identifying the framework/technology used to create a mobile application.

Additionally, it assists in finding sensitive information or provides suggestions for working with the identified platform.

How Work?

The tool searches for files associated with the technologies used in mobile application development, such as configuration files, resource files, and source code files.

Example

Cordova

Search files:

index.html
cordova.js
cordova_plugins.js

React Native Android And iOS

Search file

Andorid files:

libreactnativejni.so
index.android.bundle

iOS files:

main.jsbundle

Installation

❗A minimum of Java 8 is required to run Apktool.

pip install -r requirements.txt

Usage

python3 mhf.py app.apk|ipa|aab

Examples

python3 mobile_helper_framework.py file.apk

[+] App was written in React Native

Do you want analizy the application (y/n) y

Output directory already exists. Skipping decompilation.

Beauty the react code? (y/n) n

Search any info? (y/n) y

==>>Searching possible internal IPs in the file

results.........

==>>Searching possible emails in the file

results.........

==>>Searching possible interesting words in the file

results.........

==>>Searching Private Keys in the file

results.........

==>>Searching high confidential secrets

results.........

==>>Searching possible sensitive URLs in js files

results.........

==>>Searching possible endpoints in js files results.........

Features

This tool uses Apktool for decompilation of Android applications.

This tool renames the .ipa file of iOS applications to .zip and extracts the contents.

FeatureNoteCordovaReact NativeNative JavaScriptFlutterXamarin
JavaScript beautifierUse this for the first few occasions to see better results.
Identifying multiple sensitive informationIPs, Private Keys, API Keys, Emails, URLs
Cryptographic Functions
Endpoint extractor
Automatically detects if the code has been beautified.
Extracts automatically apk of devices/emulator
Patching apk
Extract an APK from a bundle file.
Detect if JS files are encrypted
Detect if the resources are compressed.Hermes✅XALZ✅
Detect if the app is split

What is patching apk: This tool uses Reflutter, a framework that assists with reverse engineering of Flutter apps using a patched version of the Flutter library.

Split APKs is a technique used by Android to reduce the size of an application and allow users to download and use only the necessary parts of the application.

Instead of downloading a complete application in a single APK file, Split APKs divide the application into several smaller APK files, each of which contains only a part of the application such as resources, code libraries, assets, and configuration files.

adb shell pm path com.package
package:/data/app/com.package-NW8ZbgI5VPzvSZ1NgMa4CQ==/base.apk
package:/data/app/com.package-NW8ZbgI5VPzvSZ1NgMa4CQ==/split_config.arm64_v8a.apk
package:/data/app/com.package-NW8ZbgI5VPzvSZ1NgMa4CQ==/split_config.en.apk
package:/data/app/com.package-NW8ZbgI5VPzvSZ1NgMa4CQ==/split_config.xxhdpi.apk

For example, in Flutter if the application is a Split it’s necessary patch split_config.arm64_v8a.apk, this file contains libflutter.so

Varshini

Varshini is a Cyber Security expert in Threat Analysis, Vulnerability Assessment, and Research. Passionate about staying ahead of emerging Threats and Technologies.

Recent Posts

SpyAI : Intelligent Malware With Advanced Capabilities

SpyAI is a sophisticated form of malware that leverages advanced technologies to capture and analyze…

1 day ago

Proxmark3 : The Ultimate Tool For RFID Security And Analysis

The Proxmark3 is a versatile, open-source tool designed for radio-frequency identification (RFID) security analysis, research,…

1 day ago

Awesome Solana Security : Enhancing Program Development

The "Awesome Solana Security" collection is a comprehensive resource designed to help developers build more…

1 day ago

IngressNightmare-POCs : Understanding The Vulnerability Exploitation Flow

The "IngressNightmare" vulnerabilities, disclosed in March 2025, represent a critical set of security issues affecting…

1 day ago

AdaptixC2 : Enhancing Penetration Testing With Advanced Framework Capabilities

AdaptixC2 is an advanced post-exploitation and adversarial emulation framework designed specifically for penetration testers. It…

1 day ago

Bincrypter : Enhancing Linux Binary Security through Runtime Encryption And Obfuscation

Bincrypter is a powerful Linux binary runtime crypter written in BASH. It is designed to…

1 day ago