The Android Security Toolkit is a bash script designed to assist in various security testing activities on Android devices. It provides a convenient interface for tasks such as extracting APKs, decompiling APKs, running activities, and identifying potential security vulnerabilities. The toolkit is particularly useful for security researchers, penetration testers, and developers concerned with Android app security.
git clone https://github.com/nahid0x1/android-security-toolkit
cd android-security-toolkit
sudo bash androkit.sh --install
For MacOS
androkit --install-mac
For Linux Distribution
androkit --install-linux
androkit <IP>:<PORT>
androkit --help or -h
androkit --report
⣿⣿⣿⣿⣿⣿⣧⠻⣿⣿⠿⠿⠿⢿⣿⠟⣼⣿⣿⣿⣿⣿⣿ v3.2
⣿⣿⣿⣿⣿⣿⠟⠃⠁⠀⠀⠀⠀⠀⠀⠘⠻⣿⣿⣿⣿⣿⣿
⣿⣿⣿⣿⡿⠃⠀⣴⡄⠀⠀⠀⠀⠀⣴⡆⠀⠘⢿⣿⣿⣿⣿
⣿⣿⣿⣿⠃⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠘⣿⣿⣿⣿
⣿⠿⢿⣿⠶⠶⠶⠶⠶⠶⠶⠶⠶⠶⠶⠶⠶⠶⠶⣿⡿⠿⣿ @nahid0x1
⡇⠀⠀⣿⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⣿⠀⠀⢸
⡇⠀⠀⣿⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⣿⠀⠀⢸
⡇⠀⠀⣿⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⣿⠀⠀⢸
⡇⠀⠀⣿⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⣿⠀⠀⢸
⣧⣤⣤⣿⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⣿⣤⣤⣼
⣿⣿⣿⣿⣶⣤⡄⠀⠀⠀⣤⣤⣤⠀⠀⠀⢠⣤⣴⣿⣿⣿⣿
⣿⣿⣿⣿⣿⣿⡇⠀⠀⠀⣿⣿⣿⠀⠀⠀⢸⣿⣿⣿⣿⣿⣿
⣿⣿⣿⣿⣿⣿⣿⣤⣤⣴⣿⣿⣿⣦⣤⣤⣾⣿⣿⣿⣿⣿⣿
Selected Android [Galaxy S4]
01. All Packages Names 10. Setup Frida-Server To Android
02. Show Installed App Packages 11. Start Frida-Server [Android]
03. Extract APK 12. SSL Pinning Bypass [Frida]
04. Decompile APK [JADX]
05. Decompile APK [Apktool]
06. Run Activity
07. Show Exploitable Activity
08. Webview Exploit
09. Install APK To Android
(connect) (disconnect)
(devices) (root)
Install requirement for:
$> Mac
$> Linux
[Galaxy S4] Console>
The Android Security Toolkit is compatible with both Linux and macOS operating systems. It relies on standard bash scripting and commonly used tools for Android security testing.
This toolkit is intended for educational and security testing purposes only. It should be used responsibly and with appropriate permissions. The authors and contributors of this toolkit are not responsible for any misuse or damage caused by its usage. Always ensure that you have proper authorization before conducting security testing on any device or application.