There are several security analyzers for Android apps. Mainly there are two categories, you can analyze a running app directly on the mobile phone or an emulator, this is called dynamic analysis. Or, you can retrieve the APK from the Play Store or directly from the phone and analyze it independently, this is called static analysis.

• Dynamic Analyzers: frida, objection, drozer, JDWP

• Static Analyzers: apktool, androguard, MobSF

To learn more about these tools and how they are used, please refer to these two sections:

Learn Pentesting like a Pro

✅ The Ultimate Cheat Sheet for Android and iOS hacking: Part I (Static Analysis)

Learn how to analyze and bypass security for APK and IPA files. Frameworks APKInspector APKinspector is a powerful GUI tool for analysts to analyze the Android applications. https://github.com/honeynet/apkinspector/ APKTool Tool for reverse engineering 3rd party, closed, binary Android apps. It can decode resources to nearly original form and rebuild them aft…

Read more

9 months ago · pentesting.academy

Learn Pentesting like a Pro

✅ The Ultimate Cheat Sheet for Android and iOS hacking: Part II (Dynamic Analysis)

In this post you will learn how to use different tools and frameworks to audit the security of running Apps in Android and Apple smartphones. Android emulators Genymotion Genymotion Cloud: Cloud-based Android emulators running on SaaS or as virtual images on AWS, GCP or Alibaba Cloud (PaaS…

Read more

9 months ago · pentesting.academy

For additional learning if you want to learn more command and tools for apk security analysis, you can also have a look to my quiz Android app!

https://play.google.com/store/apps/details?id=com.defensahacker.pentestwikiquiz