Slicer accepts a path to an extracted APK file and then returns all the activities, receivers, and services which are exported and have null permissions and can be externally provoked.
Note: The APK has to be extracted via jadx or apktool.
android:allowbackup to trueandroid:debuggable to true.android:exporte=true is present in any of the component and have no permission set.Intent-filters are defined for that component, if yes that means that component is exported by default(This is the rule given in android documentation.).json trick.myapp.firebaseio.com then it will check if https://myapp.firebaseio.com/.json returns something or gives permission denied.Duplicate.not applicable and will claim that the KEY has a usage cap – r/suspiciouslyspecific strings.xml and in AndroidManifest.xml/res/raw and res/xml directory.git clone https://github.com/mzfr/slicer
cd slicerpython3 slicer.py -hIt’s very simple to use. Following options are available:
Extract information from Manifest and strings of an APK
Usage:
slicer [OPTION] [Extracted APK directory]
Options:
d, –dir path to jadx output directory
o, –output Name of the output file(not implemented)
I have not implemented the output flag yet because I think if you can redirect slicer output to a yaml file it will a proper format.
python3 slicer.py -d path/to/extact/apk -c config.json
Have you ever come across a picture on the internet and wondered where it came…
Overview WhatsMyName is a free, community-driven OSINT tool designed to identify where a username exists…
Managing disk usage is a crucial task for Linux users and administrators alike. Understanding which…
Efficient disk space management is vital in Linux, especially for system administrators who manage servers…
Knowing how to check directory sizes in Linux is essential for managing disk space and…
Managing user accounts is a core responsibility for any Linux administrator. Whether you’re securing a…