Java Android Magisk Burp Objection Root Emulator Easy (JAMBOREE)

JAMBOREE, originally an Android Testing Suite, has expanded. Completely Portable installer for a growing collection of Information Security and administrative tools, requiring no local admin rights. Check out the screenshots and support table below!

Get a working portable Python/Git/Java environment on Windows in SECONDS without having local administrator, regardless of your broken Python or other environment variables. Our open-source script downloads directly from proper sources without any binaries. While the code may not be perfect, it includes many useful PowerShell tricks.

• Run Android apps and pentest without the adware and malware of BlueStacks or NOX.

Portable, no-admin installer that provisions a Windows environment for Android app testing (AVD + Magisk + Frida + Objection + Burp) and a growing collection of adjacent security/admin tools. JAMBOREE builds a working portable Python/Git/Java stack in seconds without requiring local administrator access.

• Small, script-driven, open-source PowerShell setup
• No bundled binaries — downloads from upstream sources
• Designed to work even when system Python/Java paths are broken

Table of contents

• Features
• Quick start
• Examples (commands + screenshots)
• Requirements
• How it works
• Usage notes
• Videos & demos
• Credits
• Contributing & License

Features

• Android AVD (Android 11 / API 30) with Magisk and root support
• Frida / Objection preconfigured for app runtime testing
• Burp Suite / ZAP integration and proxy configs
• Portable Python (nuget), PortableGit and Java provisioning
• Optional tools collection: BloodHound (portable), PyCharm Portable, AUTOMATIC1111, AutoGPT, Volatility3, yt-dlp, Postgres (no-admin), SOCFortress/Velociraptor/Wazuh (WSL)
• Simple PowerShell UI for launching tools and AVDs
• Included Burp crawl config: %USERPROFILE%\AppData\Roaming\BurpSuite\ConfigLibrary_JAMBOREE_Crawl_Level_01.json

Quick start

1. Download JAMBOREE.ps1 into an empty folder, or run directly from a shell.
2. Right-click the script and select Run with PowerShell — or run from CMD/PowerShell using the single-line installer below.
3. Use the JAMBOREE PowerShell UI to start Burp and the AVD, then install and test target apps.

Features / Request

Android Core	Status	Additional Feature	Status
RMS:Runtime Mobile Security	✔️	MINDcraft / Ollama Video Moved to MSC_MINDcraft_Single_Click	✔️
Brida, Burp to Frida bridge WIP	❌	WSL OpenWebUI NVIDIA	✔️
🔥SafetyNetBypass DG VM Emulation🔥	❌	AUTOMATIC1111	✔️
Burp Suite Pro / CloudFlare UserAgent Workaround-ish	✔️	SD.Next Stable Diffusion	✔️
ZAP Using Burp	✔️	AutoGPT	✔️
Google Play	✔️	Bloodhound BloodHound-Legacy 4.3.1	✔️
Java	✔️	PyCharm Portable	✔️
Android 11 API 30	✔️	OracleLinux WSL	✔️
Magisk	✔️	Ubuntu/Olamma WSL	✔️
Burp	✔️	Postgres Portable No admin	✔️
Objection	✔️	SillyTavern	✔️
Root	✔️	Volatility 3	✔️
Python	✔️	Arduino IDE / Duck2Spark digiduck	✔️
Frida	✔️	Yt-dlp Youtube Downloader	✔️
Certs	✔️	SOCFortress CoPilot / Velociraptor / Wazuh WSL	✔️

Simple Powershell UI

How it works:

• Temporarily resets your windows $PATH environment variable to fix any issues with existing python/java installation
• Build a working Python environment in seconds using a tiny 16 meg nuget.org Python binary and portable PortableGit. Our solution doesn't require a package manager like Anaconda.

I would like to make it even easier to use but I don't want to spend more time developing it if nobody is going to use it! Please let me know if you like it and open bugs/suggestions/feature request etc! you can contact me at https://rmccurdy.com !

Installation/Requirements ( For Android AVD Emulator) :

WSL or just "virtual machine platform"

OR

• Local admin just to install Android AVD Driver or :

HAXM Intel driver ( https://github.com/intel/haxm )

OR

AMD ( https://github.com/google/android-emulator-hypervisor-driver-for-amd-processors )

Usage:

Put JAMBOREE.ps1 file in a folder
Rightclick Run with PowerShell

OR

From command prompt

powershell -ExecutionPolicy Bypass -Command "iwr -UseBasicParsing https://raw.githubusercontent.com/freeload101/Java-Android-Magisk-Burp-Objection-Root-Emulator-Easy/refs/heads/main/JAMBOREE.ps1 | iex"

More infomation on bypass Root Detection and SafeNet https://www.droidwin.com/how-to-hide-root-from-apps-via-magisk-denylist/

( Watch the Video Tutorial below it's a 3-5 min process. You only have to setup once. After that it's start burp then start AVD )

Burp/Android Emulator (Video Tutorial )

Update Video with 7minsec Podcast!

(Video Tutorials)

https://youtu.be/pYv4UwP3BaU

USB Rubber Ducky Scripts & Payloads Python 3 Arduino DigiSpark

Old payloads: https://github.com/hak5/usbrubberducky-payloads/tree/1d3e9be7ba3f80cdb008885fac49be2ba926649d/payloads

PhreakNIC 24: Java Android Magisk Burp Objection Root Emulator Easy (JAMBOREE)

https://www.youtube.com/watch?v=R1eu2Ui1ZLU

SOCFortress CoPilot / Velociraptor / Wazuh

Postgres (no admin ) and RockyLinks OracleLinux WSL !

RMS

Debloat

Burp Proxy/ZAP Proxy

Burp Crawl Config

Included %USERPROFILE%\AppData\Roaming\BurpSuite\ConfigLibrary_JAMBOREE_Crawl_Level_01.json the "Headed" Browser is no longer supported

Example Objection / Frida

Credit

Rogdham/python-xz#4 for xz extraction in Python!!!

https://github.com/newbit1/rootAVD RootAVD

Bloodhound-Portable Bloodhound Portable

Six Degrees of Domain Admin

Useful cypher queries and links

https://www.youtube.com/@specterops/videos

https://posts.specterops.io/cypher-queries-in-bloodhound-enterprise-c7221a0d4bb3

The BloodHound 4.3 Release Get Global Admin More Often.mp4 20230418

https://www.google.com/search?q=%22shortestPath%22+%22bloodhound%22+site:github.com

https://github.com/drak3hft7/Cheat-Sheet---Active-Directory

https://gist.github.com/jeffmcjunkin/7b4a67bb7dd0cfbfbd83768f3aa6eb12

https://hausec.com/2019/09/09/bloodhound-cypher-cheatsheet/

https://github.com/BloodHoundAD/BloodHound/wiki/Cypher-Query-Gallery

https://risky.biz/soapbox74/

Slack

https://bloodhoundhq.slack.com ( not sure how to get invite )

BloodHound Portable for Windows (You can run this without local admin. No Administrator required)

Presentation

Usage

1. Download the .ps1 script
2. Click the SharpHound button as a normal domain user Alternatively you can use Runas.exe inside of a VM under domain user context with runas /netonly /user:"US.COMPANY.DOMAIN.COM\UESERNAME@COMPANY.COM" cmd or try /user:"DOMAIN\USERNAME" to run SharpHound.exe
3. Click Neo4j to start the database
4. Change the default Neo4j password. Wait for Neo4j You must change password at http://localhost:7474
5. Click Bloodhound button to start bloodhound
6. Import the .zip of JSON files from the output of SharpHound.exe -s --CollectionMethods All --prettyprint true

Parse Sharphound Output Pretty_Bloodhound.py ( not needed they fixed it )

** You may need to whitelist or disable Bloodhound/Sharphound in your Endpoint Security Software ( Or just obfucate it if your lucky... Resource Hacker or echo '' >> Sharphound.exe etc ... ) **

** Last tested Bloodhound 4.1.0 **

Credit: https://bloodhound.readthedocs.io/en/latest/_images/SharpHoundCheatSheet.png