Favorite Android App Hacking Tools

Below is a list of some of my favorite tools to use for hacking Android applications. Each one has its particular usefulness and can be fun to use. Most of them are open source projects, so feel free to reach out to the developers on GitHub to ask for help or even contribute. I’ve found that they are very helpful.

  1. Android SDK
    • http://developer.android.com/sdk/index.html
    • This is a must-have for obvious reasons.
    • Main SDK used to interact with Android. Particular tools of interest are Android Debug Bridge (ADB) and AAPT.
    • ADB is used to gain shell access to a device and allows for an array of actions via the command line.
  2. Android Backup Extractor
    • https://github.com/nelenkov/android-backup-extractor
    • Used to extract Android application backups. Apps with the flag android:allowBackup="true" in their AndroidManifest.xml can be backed up. The backup will include information such as preferences, the APK itself, and any database files that are stored by that application. This often contains PII and passwords, unfortunately.
    • Backups will not retrieve data for an application that is on external storage. You will have to access the external storage separately to access any data that may be stored outside of the application’s context.
    • Doesn’t work very well if the device has encryption turned on. Depends on the device.
  3. APK Tool
    • https://code.google.com/p/android-apktool/
    • Used to decompile an APK and commonly used for reverse engineering.
    • Useful for looking for hardcoded passwords or encryption keys when source code is not available.
    • You can look at the resulting Android manifest file to see which services and activities can be called. Checking whether they are restricted can be useful.
    • Check the resulting Android manifest file for any particular URIs that an application accepts. Each one may be an entry point.
  4. Fastboot
    • http://elinux.org/Android_Fastboot
    • Used to manipulate partitions on the device
    • Lets you reset partitions and also flash the device with other images.
    • Keep in mind that flashing the system partition does NOT remove the app partition where application data is stored. This can be useful when working with a Mobile Device Management (MDM) solution where the MDM is installed on the system partition and prevents access at the app partition level. If you flash the system partition, the MDM will be gone and you’ll have unrestricted access to data on the app partition.
  5. Burp Suite Pro
    • http://portswigger.net/burp/
    • Favorite proxy tool for anything really
    • Keep in mind that some applications use WebSockets so keep an eye on that tab
    • When proxying Android apps, you may need to accept other MIME types that aren’t on by default.
  6. OWASP Dependency Check
  7. Dex2Jar
    • https://code.google.com/p/dex2jar/
    • When reverse engineering an Android APK, you can use this tool to get the Java code for the outputs provided by the APK tool above.
    • This can also be used to decompile an APK, modify it, and then re-package it. Keep in mind this will invalidate the signature of the APK, but it will otherwise remain the same.
    • Can be buggy
  8. SQLite Database Browser
  9. Towel Root
    • https://towelroot.com/
    • Used to root Android devices. Can root just about anything except for a few I’ve already reported to the developer.
    • Root access = game over 99% of the time.
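
The manifest checks mentioned under Android Backup Extractor and APK Tool above (the backup flag, callable components and accepted URIs) can be scripted over the AndroidManifest.xml that APK Tool decodes. This is an added example, not code from the original post: the sample manifest, the com.example.notes package and the audit_manifest function are constructed for illustration, and the exported-by-default rule is simplified to the pre-Android 12 behaviour.

```python
import xml.etree.ElementTree as ET

ANDROID = "{http://schemas.android.com/apk/res/android}"
COMPONENTS = ("activity", "activity-alias", "service", "receiver", "provider")

# Constructed sample manifest for a hypothetical app, in decoded (text) form.
SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="com.example.notes">
  <application android:allowBackup="true">
    <activity android:name=".MainActivity">
      <intent-filter>
        <action android:name="android.intent.action.VIEW"/>
        <data android:scheme="notes" android:host="open"/>
      </intent-filter>
    </activity>
    <service android:name=".SyncService" android:exported="true"/>
    <service android:name=".LockedService" android:exported="true"
             android:permission="com.example.notes.SYNC"/>
    <provider android:name=".NotesProvider" android:exported="false"/>
  </application>
</manifest>"""


def audit_manifest(xml_text):
    """Return (backup_allowed, unprotected_exported_components, accepted_uris)."""
    root = ET.fromstring(xml_text)
    app = root.find("application")
    # allowBackup defaults to true when the attribute is absent.
    backup = app.get(ANDROID + "allowBackup", "true").lower() == "true"
    exposed, uris = [], []
    for comp in app:
        if comp.tag not in COMPONENTS:
            continue
        name = comp.get(ANDROID + "name")
        filters = comp.findall("intent-filter")
        exported = comp.get(ANDROID + "exported")
        # Simplified assumption: no explicit value means exported iff it has a filter.
        is_exported = exported == "true" if exported else bool(filters)
        if is_exported and not comp.get(ANDROID + "permission"):
            exposed.append((comp.tag, name))
        for data in comp.iterfind("intent-filter/data"):
            scheme = data.get(ANDROID + "scheme")
            if scheme:
                uris.append((name, scheme + "://" + (data.get(ANDROID + "host") or "*")))
    return backup, exposed, uris


if __name__ == "__main__":
    print(audit_manifest(SAMPLE_MANIFEST))
```

Each reported component or URI is a place to confirm that a permission or input validation is in place, and a true backup flag is a prompt to check what the app stores in its private data directory.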

One thought on “Favorite Android App Hacking Tools”

  1. Tim says:

    Great list for hacking tools, thanks..
