用手机轻松刷洞，移动端开源安全测试工具合集

用手机轻松刷洞，移动端开源安全测试工具合集

随着移动互联网的迅速发展，移动安全也慢慢成为了新的热门行业，以往移动应用的安全测试大多是使用在线检测平台或者手工逆向分析，动态调试的同时配合抓包软件等PC端工具作为常用测试手段，而事实上移动端的安全测试工具也不少，有时候不仅比PC端工具更方便，而且效率与准确度也更高。

本文整理了Github上一些常用的移动端开源安全测试工具，并对每个工具做了简单的介绍。如果能够熟练使用这些工具的话，相信一部手机就能让你在任何时间任何地点轻松挖漏洞。

0x01.cSpliot

项目地址：https://github.com/AndroidSecurityTools/android

简介：继dSpliot作者关闭项目转投zANTI后崛起的另一个开源网络分析与渗透测试工具。主要功能：扫描网络，检测主机漏洞，集成Metasploit框架，Nmap扫描，中间人攻击（比如webview代码执行，明文信息传输），数据包伪造，登录破解。特点：全能的网络安全测试工具，某些情况下你只需要一部手机就能进行渗透测试。工具介绍：cSploit is an Android network analysis and penetration suite which aims to offer to IT security experts/geeks the most complete and advanced professional toolkit to perform network security assesments on a mobile device.Once cSploit is started, you will be able to easily map your network, fingerprint alive hosts operating systems and running services, search for known vulnerabilities, crack logon procedures of many tcp protocols, perform man in the middle attacks such as password sniffing ( with common protocols dissection ), real time traffic manipulation。

0x02.Intent Fuzzer

项目地址：https://github.com/AndroidSecurityTools/IntentFuzzer

简介：iSEC Partners几年前出一个用于对Android组件进行Fuzzing测试的工具。 主要功能：对手机上的应用（包括系统应用及第三方应用）中的Activity，Broadcast Receiver，Service组件进行快速的Fuzzing，可用于发现隐藏的activity，绕过某些手势/密码验证，检测应用本地拒绝服务漏洞。 特点：可以快速刷普通的应用本地拒绝服务漏洞。 工具介绍：Intent Fuzzer is a tool that can be used on any device using the Google Android operating system (OS). Intent Fuzzer is exactly what is seems, which is a fuzzer. It often finds bugs that cause the system to crash or performance issues on the device. The tool can either fuzz a single component or all components. It works well on Broadcast receivers, and average on Services. For Activities, only single Activities can be fuzzed, not all them. Instrumentations can also be started using this interface, and content providers are listed, but are not an Intent based IPC mechanism.

0x03.Manifest Explorer && Manifest Analyzer

项目地址：https://github.com/AndroidSecurityTools/manifest-explorer

https://github.com/AndroidSecurityTools/ManifestAnalyzer

简介：查看手机安装的应用的Manifest配置的工具。 主要功能：查看应用Manifestxml.xml中的信息，可用于查看应用组件信息，申请的权限，可导出的组件，allowbackup与debuggble配置。 特点：分析应用组件信息时很方便。 工具介绍：This tool helps to view Android Manifests (the AndroidManifest.xml file). These manifests are part of every application users install, and part of the build of the Android platform itself. The Android Manifest is a crucial policy files that defines things like:• what permissions are available to applications• which applications can get those permissions• what the cross privilege barrier callable surface of a program is• permissions required for those calls• the user applications run as• the process components run in

0x04.Intent Intercept

项目地址：https://github.com/AndroidSecurityTools/intent-intercept

简介：查看应用间交互时发送的intent信息。 主要功能：启动后，当你需要选择打开文件/网页的应用，分享到xx时，会出现intent intercept选项，用于实时查看和编辑intent信息，并能自动生成intent scheme url 。 特点：某些情况下可以便捷的分析和修改intent信息。 工具介绍：This app attempts to intercept as many intents as possible in order to examine their contents. This helps when trying to develop an app that reacts to a particular intent.Some details of the intent can now be edited before resending it.

0x05.Content Provider Helper

项目地址：https://github.com/AndroidSecurityTools/ContentProviderHelper

简介：一款用于发掘和查询应用Content Provider信息的工具。 主要功能：检测应用是否存在暴露的Content Provider组件，查询Content Provider组件内容（SQL注入）。应用默认自带了系统的一些Content Provider，可以方便的查看通讯录，短信等等。 特点：配合其它工具，一站式刷应用content provider信息泄露漏洞。 工具介绍：this app helps developers to discover and query content providers. You can add and delete your own URIs manually or search for all available content providers on the device.App permissions are set generously to provide maximum compatibility.

0x06.Catlog & UlimateLogcat

项目地址：https://github.com/AndroidSecurityTools/Catlog

https://github.com/AndroidSecurityTools/UltimateLogcat

简介：查看logcat日志工具。 主要功能：在手机上查看指定应用/关键词/级别的logcat日志，可用于监测应用Crash及其它报错信息，检测应用是否通过logcat泄露敏感信息（如密码，url，cookie等）。 特点：用途很广，有时会惊喜。 工具介绍:CatLog is a free and open-source log reader for Android.It shows a scrolling (tailed) view of the Android “Logcat” system log, hence the goofy name. It also allows you to record logs in real time, send logs via email, and filter using a variety of criteria.

0x07 Others

由于本文主要介绍的是开源的安全测试工具，所以像Root Explorer，SQL Editor，zANTI等优秀的商业应用这里就不做过多介绍了，日后有不错的移动端安全测试工具我会继续更新到：https://github.com/AndroidSecurityTools 和 http://www.droidsec.cn ，欢迎大家收藏和交流。最后说两句，我们同样可以通过学习这些开源工具的代码和思路去编写自己的安全工具，也希望日后能看到越来越多的国内安全研究者分享自己的作品，让移动安全受到更多用户与厂商重视！