Hackers of India

Adhrit: Android Security Suite

By  Abhishek Jm   Akhil Mahendra  on 01 Oct 2020 @ Blackhat : Arsenal

This Tool Demo covers following tools where the speaker has contributed or authored
ADHRIT

Abstract

Adhrit is an open-source Android APK reversing and analysis suite. The tool is an effort to find an efficient solution to all the needs of mobile security testing and automation. Adhrit has been built with a focus on flexibility and modularization. Adhrit currently uses the Ghera benchmarks to identify vulnerability patterns in Android applications by scanning for vulnerable code patterns in the bytecode, thus being immune to usual code obfuscation techniques. The tool also supports automated ADB payload generation for exported activities, scans for API endpoints and URLs embedded in APK files, extracts base64 strings from native libraries and searches for various issues in web views, intents, networking configurations and identifies weak crypto implementations. Adhrit has been presented at conferences like OWASP Seasides, ThreatCon, and Cysinfo.