A collection of android security related resources.
A lot of work is happening in academia and industry on tools to perform dynamic analysis, static analysis and reverse engineering of android apps.
- AndroTotal
- Dexter
- Tracedroid
- Visual Threat
- Mobile Malware Sandbox
- MobiSec Eacus
- IBM Security AppScan Mobile Analyzer - not free
- NVISO ApkScan
- AVC UnDroid
- Fireeye - max 60MB 15/day
- habo 10/day
- Virustotal -max 128MB
- Fraunhofer App-ray - not free
- ~~ CopperDroid ~~
- ~~ SandDroid ~~
- ~~ Stowaway ~~
- ~~ Anubis ~~
- ~~ Mobile app insight ~~
- ~~ Mobile-Sandbox ~~
- ~~ Ijiami ~~
- ~~ Comdroid ~~
- ~~ Android Sandbox ~~
- ~~ Foresafe ~~
- Androwarn - detect and warn the user about potential malicious behaviours developped by an Android application.
- ApkAnalyser ★ 654, pushed 1270 days ago
- APKInspector
- Droid Intent Data Flow Analysis for Information Leakage
- DroidLegacy
- Several tools from PSU
- Smali CFG generator ★ 33, pushed 793 days ago
- FlowDroid
- Android Decompiler – not free
- PSCout - A tool that extracts the permission specification from the Android OS source code using static analysis
- Amandroid
- SmaliSCA - Smali Static Code Analysis ★ 139, pushed 360 days ago
- CFGScanDroid - Scans and compares CFG against CFG of malicious applications ★ 15, pushed 468 days ago
- Madrolyzer - extracts actionable data like C&C, phone number etc. ★ 42, pushed 487 days ago
- SPARTA - verifies (proves) that an app satisfies an information-flow security policy; built on the Checker Framework
- ConDroid - Performs a combination of symoblic + concrete execution of the app ★ 2, pushed 181 days ago
- QARK - QARK by LinkedIn is for app developers to scan app for security issues
- AndroBugs ★ 224, pushed 298 days ago
- Nogotofail
- Android DBI frameowork
- Androl4b - A Virtual Machine For Assessing Android applications, Reverse Engineering and Malware Analysis ★ 172, pushed 212 days ago
- Android Malware Analysis Toolkit - (linux distro) Earlier it use to be an online analyzer
- Mobile-Security-Framework MobSF - Mobile Security Framework is an intelligent, all-in-one open source mobile application (Android/iOS) automated pen-testing framework capable of performing static, dynamic analysis and web API testing.
- AppUse – custom build for pentesting
- Cobradroid – custom image for malware analysis
- ViaLab Community Edition
- Droidbox ★ 148, pushed 346 days ago
- Mercury
- Drozer
- Xposed - equivalent of doing Stub based code injection but without any modifications to the binary
- Android Hooker - Dynamic Java code instrumentation (requires the Substrate Framework) ★ 192, pushed 221 days ago
- ProbeDroid - Dynamic Java code instrumentation
- Android Tamer - Virtual / Live Platform for Android Security Professionals
- DECAF - Dynamic Executable Code Analysis Framework based on QEMU (DroidScope is now an extension to DECAF)
- CuckooDroid - Android extension for Cuckoo sandbox ★ 130, pushed 339 days ago
- Mem - Memory analysis of Android (root required) ★ 16, pushed 451 days ago
- Crowdroid – unable to find the actual tool
- AuditdAndroid – android port of auditd, not under active development anymore ★ 23, pushed 1215 days ago
- Android Security Evaluation Framework - not under active development anymore
- Android Reverse Engineering – ARE (android reverse engineering) not under active development anymore
- Aurasium – Practical security policy enforcement for Android apps via bytecode rewriting and in-place reference monitor. ★ 12, pushed 596 days ago
- Android Linux Kernel modules ★ 54, pushed 724 days ago
- Appie - Appie is a software package that has been pre-configured to function as an Android Pentesting Environment.It is completely portable and can be carried on USB stick or smartphone.This is a one stop answer for all the tools needed in Android Application Security Assessment and an awesome alternative to existing virtual machines.
- StaDynA - a system supporting security app analysis in the presence of dynamic code update features (dynamic class loading and reflection). This tool combines static and dynamic analysis of Android applications in order to reveal the hidden/updated behavior and extend static analysis results with this information. ★ 2, pushed 526 days ago
- DroidAnalytics - incomplete ★ 14, pushed 481 days ago
- Vezir Project - Virtual Machine for Mobile Application Pentesting and Mobile Malware Analysis ★ 29, pushed 133 days ago
- MARA - Mobile Application Reverse engineering and Analysis Framework
- ~~ Taintdroid ~~ - requires AOSP compilation
- Smali/Baksmali – apk decompilation ★ 801, pushed 134 days ago
- emacs syntax coloring for smali files ★ 17, pushed 151 days ago
- vim syntax coloring for smali files
- AndBug ★ 289, pushed 693 days ago
- Androguard – powerful, integrates well with other tools ★ 905, pushed 167 days ago
- Apktool – really useful for compilation/decompilation (uses smali)
- Android Framework for Exploitation ★ 93, pushed 344 days ago
- Bypass signature and permission checks for IPCs ★ 27, pushed 991 days ago
- Android OpenDebug – make any application on device debuggable (using cydia substrate). ★ 34, pushed 996 days ago
- Dare – .dex to .class converter
- Dex2Jar - dex to jar converter ★ 1628, pushed 134 days ago
- Enjarify - dex to jar converter from Google ★ 1314, pushed 133 days ago
- Dedexer
- Fino ★ 64, pushed 681 days ago
- Frida - inject javascript to explore applications and a GUI tool for it
- Indroid – thread injection kit
- IntentSniffer
- Introspy ★ 192, pushed 966 days ago
- Jad - Java decompiler
- JD-GUI - Java decompiler ★ 1781, pushed 165 days ago
- CFR - Java decompiler
- Krakatau - Java decompiler ★ 527, pushed 129 days ago
- Procyon - Java decompiler
- FernFlower - Java decompiler ★ 451, pushed 132 days ago
- Redexer – apk manipulation ★ 66, pushed 172 days ago
- Smali viewer
- ~~ ZjDroid ~~, ~~ fork/mirror ~~
- Simplify Android deobfuscator ★ 403, pushed 165 days ago
- Bytecode viewer ★ 1095, pushed 176 days ago
- Radare2 ★ 2602, pushed 126 days ago
- IntentFuzzer
- Radamsa Fuzzer ★ 16, pushed 229 days ago
- Honggfuzz ★ 263, pushed 128 days ago
- An Android port of the melkor ELF fuzzer ★ 31, pushed 746 days ago
- Media Fuzzing Framework for Android ★ 139, pushed 157 days ago
- AndroFuzz
- FSquaDRA - a tool for detection of repackaged Android applications based on app resources hash comparison. ★ 23, pushed 196 days ago
- Contagio Mini Dump
- Android Malware Github repo ★ 1, pushed 130 days ago
- Open Source database
- Drebin
- Admire
- MalGenome - contains 1260 malware samples categorized into 49 different malware families, free for research purpose.
- VirusTotal Malware Intelligence Service - powered by VirusTotal,not free
- Android Security (and Not) Internals
- Android security related presentations ★ 47, pushed 659 days ago
- A good collection of static analysis papers
- Google play crawler (Java) ★ 242, pushed 940 days ago
- Google play crawler (Python) ★ 489, pushed 336 days ago
- Google play crawler (Node) - get app details and download apps from official Google Play Store. ★ 36, pushed 157 days ago
- Aptoide downloader (Node) - download apps from Aptoide third-party Android market ★ 9, pushed 402 days ago
- Appland downloader (Node) - download apps from Appland third-party Android market ★ 3, pushed 403 days ago
- smalihook
- APK-Downloader
- AXMLPrinter2 - to convert binary XML files to human-readable XML files
- adb autocomplete
- Dalvik opcodes
- Opcodes table for quick reference
- ExploitMe Android Labs - for practice
- GoatDroid - for practice ★ 116, pushed 769 days ago
- mitmproxy ★ 4870, pushed 125 days ago
- dockerfile/androguard ★ 18, pushed 182 days ago
- Android Vulnerability Test Suite - android-vts scans a device for set of vulnerabilities ★ 676, pushed 137 days ago
Other amazingly awesome lists can be found in the awesome-awesomeness list.
Your contributions are always welcome!