LazyDroid – Android Security Assessment Tool


Lazydroid is a tool written as a bash script to facilitate some aspects of an Android Security Assessment.

LazyDroid - Android Security Assessment Tool

Features

It provides some common tasks such as:

  • Set the debug flag of an application to true
  • Set the backup flag of an application to true
  • Re-Build the application
  • Re-Sign the application
  • Smart log extraction of an application
  • Extract the APK of an application installed from Google Play
  • Download any mobile folder (/sdcard/, application data folder, other)
  • Compare two different snapshots of the same folder
  • Insert Frida gadget in the APK (for example when the phone is not or cannot be rooted, and thus Frida server cannot be run)

Installation

Lazydroid requires Linux or Mac OS to run and the next tools installed:

  • apktool
  • jarsigner
  • adb
  • aapt (Android Asset Packaging Tool, part of the SDK)
  • your keystore and alias
  • Frida Agent (pip install frida)

Usage

To run lazydroid.sh the steps would be the following:

You can download LazyDroid here:

LazyDroid-master.zip

Or read more here.

Posted in: Hacking Tools

, ,


Latest Posts:


Memhunter - Automated Memory Resident Malware Detection Memhunter – Automated Memory Resident Malware Detection
Memhunter is an Automated Memory Resident Malware Detection tool for the hunting of memory resident malware at scale, improving threat hunter analysis process.
Sandcastle - AWS S3 Bucket Enumeration Tool Sandcastle – AWS S3 Bucket Enumeration Tool
Astra - API Automated Security Testing For REST Astra – API Automated Security Testing For REST
Astra is a Python-based tool for API Automated Security Testing, REST API penetration testing is complex due to continuous changes in existing APIs.
Judas DNS - Nameserver DNS Poisoning Attack Tool Judas DNS – Nameserver DNS Poisoning Attack Tool
Judas DNS is a Nameserver DNS Poisoning Attack Tool which functions as a DNS proxy server built to be deployed in place of a taken over nameserver to perform targeted exploitation.
dsniff Download - Tools for Network Auditing & Password Sniffing dsniff Download – Tools for Network Auditing & Password Sniffing
Dsniff download is a collection of tools for network auditing & penetration testing. Dsniff, filesnarf, mailsnarf, msgsnarf, URLsnarf, and WebSpy passively monitor a network
OWASP Amass - DNS Enumeration, Attack Surface Mapping & External Asset Discovery OWASP Amass – DNS Enumeration, Attack Surface Mapping & External Asset Discovery
The OWASP Amass Project is a DNS Enumeration, Attack Surface Mapping & External Asset Discovery tool to help information security professionals perform network mapping of attack surfaces.


Comments are closed.