Abstract

Adhrit is an open-source Android application security analysis suite. The tool is an effort to find an efficient solution to all the needs of mobile security testing and automation. Adhrit has been built with a focus on flexibility and modularization. It currently uses the Ghera benchmarks to identify vulnerable code patterns in the bytecode. Apart from bytecode scanning, Adhrit can also identify hardcoded secrets within Android applications. The tool also comes with a built-in integration to popular softwares like Jira and Slack which can be configured to automate and streamline the Android application review process. Adhrit has been presented at conferences like Black Hat Asia, OWASP Seasides and Cysinfo.