惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

aimingoo的专栏
aimingoo的专栏
G
GRAHAM CLULEY
A
Arctic Wolf
The Last Watchdog
The Last Watchdog
J
Java Code Geeks
Security Archives - TechRepublic
Security Archives - TechRepublic
小众软件
小众软件
S
Schneier on Security
N
Netflix TechBlog - Medium
云风的 BLOG
云风的 BLOG
V
Visual Studio Blog
Blog — PlanetScale
Blog — PlanetScale
Webroot Blog
Webroot Blog
美团技术团队
T
Tor Project blog
F
Full Disclosure
H
Hacker News: Front Page
www.infosecurity-magazine.com
www.infosecurity-magazine.com
H
Hackread – Cybersecurity News, Data Breaches, AI and More
Google Online Security Blog
Google Online Security Blog
Help Net Security
Help Net Security
B
Blog RSS Feed
酷 壳 – CoolShell
酷 壳 – CoolShell
T
Troy Hunt's Blog
SecWiki News
SecWiki News
P
Proofpoint News Feed
Microsoft Security Blog
Microsoft Security Blog
PCI Perspectives
PCI Perspectives
The Hacker News
The Hacker News
M
MIT News - Artificial intelligence
宝玉的分享
宝玉的分享
MyScale Blog
MyScale Blog
Schneier on Security
Schneier on Security
博客园_首页
K
Kaspersky official blog
MongoDB | Blog
MongoDB | Blog
V
Vulnerabilities – Threatpost
D
DataBreaches.Net
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
The GitHub Blog
The GitHub Blog
Scott Helme
Scott Helme
T
Tenable Blog
L
Lohrmann on Cybersecurity
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
U
Unit 42
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
Hacker News: Ask HN
Hacker News: Ask HN
A
About on SuperTechFans
B
Blog
Last Week in AI
Last Week in AI

Homepage on Aditya Telange

One Year with evil-winrm-py - A Retrospective Bypassing LinkedIn's Connection Privacy with a Simple Search Filter Making Dynamic Instrumentation Accessible with Frida UI Breaking Payload Encryption in Web Applications HackTheBox (HTB) - Escape HackTheBox (HTB) - Resolute HackTheBox (HTB) - Certified State of VMWare Workstation (Pro?) on Linux Android phone as a Webcam on Linux Breaking down Reverse shell commands HackTheBox (HTB) - Photobomb Merging AOSP Security Patches into Custom ROMs Primer on HTTP Security Headers Image Zoom-In effect with HUGO HackTheBox (HTB) - Legacy HackTheBox (HTB) - Lame Cryptohack - Keyed Permutations [5 pts] Cryptohack - Resisting Bruteforce [10 pts] Cryptohack - RSA Starter 1 [10 pts] Cryptohack - Base64 [10 pts] Cryptohack - Bytes and Big Integers [10 pts] Cryptohack - Hex [5 pts] Cryptohack- XOR Starter [10 pts] HackTheBox (HTB) - Horizontall HackTheBox (HTB) - Forge HackTheBox (HTB) - Previse HackTheBox (HTB) - BountyHunter HackTheBox (HTB) - Explore HackTheBox (HTB) - Cap HackTheBox (HTB) - Pit HackTheBox (HTB) - Knife HackTheBox (HTB) - Love HackTheBox (HTB) - Tenet HackTheBox (HTB) - Ready Watermarking images with HUGO My Github Project went viral! Cryptohack - ASCII [5 pts] Cryptohack - Finding Flags [2 pts] Cryptohack - Great Snakes [3 pts] Cryptohack - JWT Sessions [10 pts] Cryptohack - Network Attacks [5 pts] Cryptohack - Token Appreciation [5 pts] CAF's Android for MSM Basic Website Analytics with Vercel Github Actions as Temporary File Sharing Platform Addition of prebuilt APK - AOSP Rom Development External Link With target='_blank' in Hugo Markdown Setting Up Build Environment - AOSP Rom Development Getting Started - AOSP Rom Development Using Secure HTTP Headers with Vercel/Zeit Education and Certifications Link Tree ↟ | Aditya Telange Personal Projects Resume - Aditya Telange Security Acknowledgements About Me Graph View License Privacy Policy
Android App Security Testing Lab with MobSleuth
[Aditya Telange](https://x.com/adityatelange) · 2024-06-16 · via Homepage on Aditya Telange

What is MobSleuth?

MobSleuth is a collection of scripts using which we can setup a virtual lab for Android App security assessments.

Download now from the GitHub Repository

✨ With MobSleuth we get:

  • A complete setup of tools (manual + automated) to start hacking Android apps.
  • One-command root access to the Android container.
  • BurpSuite running on the host machine to intercept and modify traffic.
  • Mobsf with dynamic analysis capabilities connected to Android container.
  • ADB server running on port 5555 to connect to the Android container.
  • Scrcpy to mirror and control the Android container.
  • Scripts to generate a CA certificate and install them on the Android container.
  • Scripts to install and run Frida on the Android container.
Mobsleuth in Action!

Motivation for this project 🎯

Setting up an Android app hacking lab has always been a challenge and many of us face the below challenges:

  • Finding an Android emulation tool to run a Virtual Android device.
  • Rooting the Virtual Android device.
  • Installation of custom CA certificates.
  • Proxying the traffic via an interception tool and inspecting it.
  • Installation of Dynamic instrumentation tools such as Frida.

Most security engineers use third-party tools such as Genymotion, Bluestacks, Noxplayer, Memuplay. While these are good options to emulate your android app, they have propriataty usage licenses, needs an account before you use them and some even show advertisements 🧐.

Mobsleuth tries to solve this problem by using open-source tools and scripts to automate the setup of configuring Android hacking lab and provide useful scripts to ease the process of interceping traffic and perform dynamic instrumentation.

Few months back I discovered a great tool for Android emulation on x86-64 devices, called ReDroid. This was a perfect android emulator which I found to run well inside a docker container and also it was open-source.

Now, what remains is to install tools to intercept the traffic 🚧, decompile the APK, and perform dynamic instrumentation.

Tools used in this project 🛠️

Tool NameTypeDescription
MobSFFOSSMobile Security Framework is an open-source, automated mobile app security testing tool.
reDroidFOSSRemote anDroid solution for emulating an Android device in a container.
ScrcpyFOSSA free and open-source tool that allows you to mirror and control your Android device from your computer via ADB.
FridaFOSSDynamic instrumentation toolkit for developers, reverse-engineers, and security researchers.
JadxFOSSDex to Java decompiler.
ObjectionFOSSRuntime Mobile Exploration.
PidcatFOSSColored logcat script which only shows log entries for a specific application package.
APKiDFOSSAndroid Application Identifier for Packers, Protectors, Obfuscators and Oddities - PEiD for Android.
ApkToolFOSSA tool for reverse engineering Android apk files.
BurpSuite CEproprietaryPowerful web application security testing platform with interception, scanning, fuzzing, and more.

Architecture Diagram 🗺️

I have created a simple architecture diagram to show how the tools are connected and how they interact with each other. Here is the diagram: