TrueSeeng是一款非反编译的Android应用程序漏洞扫描程序。
trueseeing的Python项目详细描述
trueseeing是一款用于Android应用程序的快速、准确且有弹性的漏洞扫描程序。它在android打包文件(apk)上运行,并以html格式输出综合报告。apk是否被混淆并不重要。
性能
当前trueseeing可以检测到以下类别的漏洞:
- Improper Platform Usage (M1)
- Debuggable
- Inadvent publishing of Activities, Services, ContentProviders, BroadcastReceivers
- Insecure Data (M2)
- Backupable (i.e. suspectible to the backup attack)
- Insecure file permissions
- Logging
- Insecure Commnications (M3)
- Lack of pinning (i.e. suspictible to the TLS interception attack)
- Use of cleartext HTTP
- Tamperable WebViews
- Insufficient Cryptography (M5)
- Hardcoded passphrase/secret keys
- Vernum ciphers with static keys
- Use of the ECB mode
- Client Code Quality Issues (M7)
- Reflectable WebViews (i.e. XSSs in such views should be escalatable to remote code executions via JS reflection)
- Usage of insecure policy on mixed contents
- Code Tampering (M8)
- Hardcoded certificates
- Reverse Engineering (M9)
- Lack of obfuscation
用法
以下命令行足以扫描apk(target.apk):
$ trueseeing /path/to/target.apk > report.html