Skip to content

Vuldroid is a Vulnerable Android Application made with security issues in order to demonstrate how they can occur in code

License

Notifications You must be signed in to change notification settings

jaiswalakshansh/Vuldroid

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

11 Commits
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Vuldroid

Awesome supports Android

Vuldroid is a Vulnerable Android Application made with security issues in order to demonstrate how they can occur in code.

Vulnerabilities Covered:

  • Code Execution via Malicious App
  • Steal Files via Webview using XHR request
  • Steal Files using Fileprovider via Intents
  • Steal Password ResetTokens/MagicLoginLinks
  • Webview Xss via Exported Activity
  • Webview Xss via DeepLink
  • Intent Sniffing Between Two Applications
  • Reading User Email via Broadcasts

To Get started:

  • Install the APK from the repository and play around
  • Find the areas where you think this can be exploited
  • I have also written a blog that you can refer as walkthrough but make sure you try yourself first
  • If you want to use your own firebase project for authentication clone the repo and remove the google-services.json and add your project one.

About

Vuldroid is a Vulnerable Android Application made with security issues in order to demonstrate how they can occur in code

Topics

Resources

License

Stars

Watchers

Forks

Packages

No packages published

Languages