trueseeing is a fast, accurate and resilient vulnerability scanner for Android apps. It operates on Android Packaging File (APK) and outputs a comprehensive report in HTML. It works whether or not the APK is obfuscated.
Currently trueseeing can detect the following classes of vulnerabilities:
+ Improper Platform Usage (M1)
  * Debuggable
  * Inadvertent publishing of Activities, Services, ContentProviders, BroadcastReceivers
+ Insecure Data (M2)
  * Backupable (i.e. susceptible to the backup attack)
  * Insecure file permissions
  * Logging
+ Insecure Communications (M3)
  * Lack of pinning (i.e. susceptible to the TLS interception attack)
  * Use of cleartext HTTP
  * Tamperable WebViews
+ Insufficient Cryptography (M5)
  * Hardcoded passphrase/secret keys
  * Vernam ciphers with static keys
  * Use of the ECB mode
+ Client Code Quality Issues (M7)
  * Reflectable WebViews (i.e. XSS in such views should be escalatable to remote code execution via JS reflection)
  * Usage of insecure policy on mixed content
+ Code Tampering (M8)
  * Hardcoded certificates
+ Reverse Engineering (M9)
  * Lack of obfuscation
Dependencies:
+ Apktool
+ Python 3.x
Usage and Install:
    git clone https://github.com/monolithworks/trueseeing && cd trueseeing

or using pip:

    pip3 install trueseeing

    trueseeing /path/to/target.apk > report.html
    trueseeing --output=gcc /path/to/target.apk
    trueseeing --patch-all /path/to/target.apk
Source: https://github.com/monolithworks