Introduction
Inspeckage is a tool developed to offer dynamic analysis of Android applications. With this tool we can better understand what an Android application is doing at runtime.
How it works?
It is a simply application (apk) with an internal HTTP server providing a friendly web interface.
Features
Information gathering
Hooks (until now)
With the hooks, we can see what the application is doing in real time.
Actions
With the Xposed is possible do some actions like start a not exported activity!
Extras
Configuration
Even with some hooks at HTTP libraries, using an external proxy tool it is still the best alternative to analyze the traffic.
Requirements
Download
http://ift.tt/1SaZV8X
Source Code
http://ift.tt/1XTRPlu
Screenshots
Tab Screenshot
Reporting bugs
For bug reports and feature requests, please post them in the GitHub Issues page.
Genymotion
I made a small tutorial on how to get it ready for Inspeckage.
http://ift.tt/1SaZWcY
XDA:DevDB Information
Inspeckage, Xposed for all devices (see above for details)
Contributors
acarlosmartins
Source Code: http://ift.tt/1XTRPlu
Xposed Package Name: mobi.acpm.inspeckage
Version Information
Status: Beta
Current Beta Version: 1.0
Created 2016-02-29
Last Updated 2016-02-28
Inspeckage is a tool developed to offer dynamic analysis of Android applications. With this tool we can better understand what an Android application is doing at runtime.
How it works?
It is a simply application (apk) with an internal HTTP server providing a friendly web interface.
Features
Information gathering
- Requested Permissions
- App Permissions
- Shared Libraries
- Exported Activities and Non Exported Activities
- Exported Content Provider and Non Exported Content Provider
- Exported Services and Non Exported Services
- Exported Broadcast Receiver and Non Exported Broadcast Receiver
- If is Debuggable
- Version, UID and GIDs
- etc
Hooks (until now)
With the hooks, we can see what the application is doing in real time.
- Shared Preferences (log and file)
- Serialization
- Crypto
- Hash
- SQLite
- HTTP (a http proxy tool it is still the best alternative)
- File System
- Miscellaneous (Clipboard, URL.Parse())
- WebView
- IPC
Actions
With the Xposed is possible do some actions like start a not exported activity!
- Start any activity (exported and non exported)
- Calling any provider (exported and non exported)
- Disable FLAG_SECURE
- SSL uncheck
- Start, close and restart the application
Extras
- APK Download
- View the app's directory tree
- Download the app files
- Download the output generated by hooks in text file format
- Printscreen
Configuration
Even with some hooks at HTTP libraries, using an external proxy tool it is still the best alternative to analyze the traffic.
- Add a proxy to the target app
- Enable and disable proxy
- Add entries in the arp table
Requirements
- Xposed Framework
Download
http://ift.tt/1SaZV8X
Source Code
http://ift.tt/1XTRPlu
Screenshots
Tab Screenshot
Reporting bugs
For bug reports and feature requests, please post them in the GitHub Issues page.
Genymotion
I made a small tutorial on how to get it ready for Inspeckage.
http://ift.tt/1SaZWcY
XDA:DevDB Information
Inspeckage, Xposed for all devices (see above for details)
Contributors
acarlosmartins
Source Code: http://ift.tt/1XTRPlu
Xposed Package Name: mobi.acpm.inspeckage
Version Information
Status: Beta
Current Beta Version: 1.0
Created 2016-02-29
Last Updated 2016-02-28
via xda-developers http://ift.tt/1SaZWd0
Put the internet to work for you.
No comments:
Post a Comment