Scripts to help test Android apps
Recurses through smali files and looks for strings commonly associated with root detection mechansims. Prints the filepath, method name, and detected string. Should also print the file where the method is invoked, but is it bit buggy, and doesn't always work...not sure why and not too important at the moment.
Automates the process of installing a Burp Suite certificate on a rooted Android device prior to Android Nougat. Installs a cert as a system trusted CA. I noticed a few intermittent SSL error on certain sites when testing on Marshmallow, but works perfect on an emulated KitKat. I only have tested this on emulated devices. Requires PyOpenSSL, as well as having ADB installed in your path and Burp running, and a connected device reachable with ADB. Mostly based on this blogpost.
Automates the process of making apps work with Burp Suite in Android devices from Nougat forward. Decompiles an APK, adds a network-security-config and Burp's CA cert to the project and recompiles. Only tested on emulated Nougat. Requires apktool, keytool and jarsigner (available in the JDK), to be in your path, and requires Burp to be running (or you can supply a path to the cacert.der). Mostly based on this blogpost.