Adhrit is an open source Android APK reversing and analysis tool that can help security researchers and CTF enthusiasts alike. The tool is an effort to cut down on the amount of time spent on reversing and basic reconnaissance of Android applications. The project is still in progress and will incorporate more features over time. Feel free to report issues. Feature requests and suggestions are always welcome!
-
- assets
- classes.dex
- native libraries
- jar file from dex (integrated Enjarify)
-
- Certificate/signature
- Java source (CFR)
- smali source
- Parsed XML resource files
- Parsed AndroidManifest
- Native library
-
- Manifest analysis
  - Critical permission usage analysis
  - MainActivity identification
  - Backup status
  - Exported activities
  - Automated ADB payload generation for exported activities
- Bytecode analysis
  - const-strings
  - CTF flags
  - URLs
- Malware analysis
  - VirusTotal scan
  - VirtualApp droppers scan
  - Manifest analysis
-
- Automatically setting up a testing environment
- Launching MainActivity
- Checking for root access in the emulator/device
- Dumping the runtime log
-
- Rebuilding the APK
- Signing the APK
- Deploying the APK into an emulator/device
- Disassembly of native libraries
- Linux or Mac
- Python3
- Java JDK
- Download the zip or clone the package and extract the tool (`git clone https://github.com/abhi-r3v0/Adhrit.git`).
- Open `config` and input your VirusTotal API key without any quotes. (Click here to know how to obtain your VT API key)
- Open a terminal and cd into the directory.
- Run `python3 installer.py` to install the necessary tools.
- Place the application (apk file) in the tool directory.
- Use `python3 adhrit.py -h` for usage help.
Example: python3 adhrit.py -a myapp.apk
ADHRIT can now be run in two modes:
python3 adhrit.py -pen myapp.apk
python3 adhrit.py -mal myapp.apk
Refer to the detailed documentation for complete details
- Abhishek J M (@abhi_r3v0)
- P S Narayanan (@0xP5N_)
- Akhil Mahendra (@Akhil_Mahendra)
- Heeraj Nair (@heerajnair)
- Vaisakh (@vaisakhjnr) (new)
- Loyd Jayme (@loydjayme25)
- Troopers
- Seclist
- DedSec
- Neonix
- Howucan.gr
- HackerTor
- tuicool
- Tuisec
- @androidtools on Twitter
- pcbbc
- Ethical Hacking Consultants
- Anonymoushacker
- Pax0r
- KitPloit
- ISEC
- Prodefence
- appscan.io
- Weixin
- blackhatsecdevteam
- 360doc
- Hackers Online Club
- Altervista
- Xaunwulab
- Prodefense
- Digital Munition
- Xenicom
- Filenames with two '.' may give an error. Please rename the apk in such cases. For example, if your file name is `my.app.apk`, rename it to `myapp.apk`.