Drozscan is just an automated script to run all drozer commands in a single run. See the results in CLI, JSON or HTML.
NOTE : Make sure you installed and configured the drozer tool before running the script.
- Linux/OSX machine
- Genymotion/Android emulator/Rooted device
- Get Package complete Info
- Get activities information
- Get broadcast receivers information
- Get attack surface details
- Get package with backup API details
- Get Android Manifest of the package
- Get native libraries information
- Get content provider information
- Get URIs from package
- Get services information
- Get native components included in package
- Get world readable files in app installation directory /data/data/<package_name>/
- Get world writeable files in app installation directory /data/data/<package_name>/
- Get content providers that can be queried from current context
- Perform SQL Injection on content providers
- Find SQL Tables trying SQL Injection
- Test for directory traversal vulnerability
- Make sure you have connected the android virtual device to your attacking machine.
- Check whether Port forwarding is done for drozer client.
- Download or Clone the drozscan Repo.
- From the terminal, move into Garuda Directory
- Run
python scanme.py