gitmyhub

DroidHunter

Python ★ 278 updated 2mo ago

DroidHunter is a CLI-based Android security assessment framework for authorized testing, featuring ADB device management, APK analysis, network checks, vulnerability scanning, reporting, and remote control tools.

A command line Android security assessment framework combining device management, APK analysis, vulnerability scanning, and exploit tools for authorized penetration testers.

PythonADBMetasploitscrcpysetup: hardcomplexity 4/5

DroidHunter is a command line framework for assessing the security of Android devices and apps, aimed at penetration testers and security researchers working with permission on devices and applications they are authorized to test. It brings together several tools that are often used separately into a single interface with a dark, terminal style look.

The device manager module talks to Android phones over ADB, the standard Android debugging protocol, letting a user list connected devices, pull device information, take screenshots, view live system logs, connect over WiFi instead of a cable, and transfer files. A separate APK analyzer statically inspects an app file without running it, checking the permissions it requests, looking for secrets like hardcoded API keys accidentally left in the code, and listing components the app exposes to other apps on the device. A network scanner covers basic port scanning and WiFi information gathering on the local network. A vulnerability scanner checks a device or app against a list of more than 30 known Android vulnerabilities, and also looks for common weaknesses such as insecure local data storage or a WebView configured in a risky way.

Further modules let an authorized tester launch an exported app activity directly, send crafted broadcast intents, generate Android payloads compatible with Metasploit, or build reverse shell one liner commands, all of which assume permission to test the target device. A reporting module can produce a styled HTML report, a JSON file, or a table printed to the terminal, each including remediation notes. The README states clearly, more than once, that the tool is intended for authorized testing and education only, and it asks users to only send project donations over the Ethereum network to avoid losing funds.

Where it fits