Android application vulnerability analysis and Android pentest tool
Ruby Shell HTML
Switch branches/tags
Nothing to show
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
config 코드 리팩토링 Jul 26, 2018
ex_tool 코드 리팩토링 Jul 26, 2018
sample v1.0 May 31, 2016
src 코드 리팩토링 Jul 26, 2018
template v2.0 Jul 26, 2016
Gemfile 코드 리팩토링 Jul 26, 2018
LICENSE v1.0_dev May 30, 2016
README.md Update README.md Jul 6, 2018
dhunter.rb 코드 리팩토링 Jul 26, 2018
install.sh fixed parsedroid vulnerability Feb 3, 2018
string_filter upload aapt binary(macos), issue-12 Feb 10, 2018

README.md

MIT License

        .---.        .-----------
       /     \  __  /    ------
      / /     \(  )/    -----     ╔╦╗╦═╗╔═╗╦╔╦╗   ╦ ╦╦ ╦╔╗╔╔╦╗╔═╗╦═╗
     //////   ' \/ `   ---         ║║╠╦╝║ ║║ ║║───╠═╣║ ║║║║ ║ ║╣ ╠╦╝
    //// / // :    : ---          ═╩╝╩╚═╚═╝╩═╩╝   ╩ ╩╚═╝╝╚╝ ╩ ╚═╝╩╚═
   // /   /  /`    '--                         By HaHwul
  //          //..\\                         www.hahwul.com
         ====UU====UU====         https://github.com/hahwul/droid-hunter
             '//||\\`
               ''``

DROID-HUNTER

1. DROID-HUNTER

Android application vulnerability analysis and Android pentest tool


A. Support
> App info check
> Baksmaling android app
> Decompile android app
> Extract class file
> Extract java code
> Pattern base Information Leakage

2. How to Install?

A. Download(clone) & Unpack DROID-HUNTER

git clone https://github.com/hahwul/droid-hunter.git
cd droid-hunter

B. Install Ruby GEM

gem install html-table
gem install colorize

C. Set external tools

Editing "./config/config.rb"

# Tool path
$p_adb = "/usr/bin/adb"     
$p_aapt = "/usr/bin/aapt"   # Path aapt
                            # macOS > (https://github.com/hahwul/droid-hunter/issues/12)
$p_dex2jar = File.dirname(__FILE__)+"/../ex_tool/dex2jar-0.0.9.15/dex2jar.sh"
$p_apktool = File.dirname(__FILE__)+"/../ex_tool/apktool/apktool_2.3.1.jar"
$p_jad = File.dirname(__FILE__)+"/../ex_tool/jad/jad"
$p_grep = "/bin/grep"
$p_unzip = "/usr/bin/unzip"
$p_sfilter = File.dirname(__FILE__)+"/../string_filter"

D. Run DROID-HUNTER

ruby dhunter.rb

3. How to Use?

Usage: ruby dhunter.rb [APK]
Command
-a, --apk : Analysis android APK file.
 + APK Analysis
   => dhunter -a 123.apk[apk file]
   => dhunter --apk 123.apk aaa.apk test.apk hwul.apk
-p, --pentest : Penetration testing Device
 + Pentest Android
   => dhunter -p device[device code]
   => dhunter --pentest device
-v, --version : Show this droid-hunter version
-h, --help : Show help page

4. Support

Bug: Add issue(github)
Contact: hahwul@gmail.com

5. TO-DO List

Add Vulnerability Scanning module
Update string pattern
Intent diagram


## 6. Screen shot

7. Donate

Donate