Sunday, August 24, 2014

Android App Security / Vulnerability Scanner

Bluebox Security Scanner:

                                        will scan your device to determine:
- If your system is vulnerable or patched to any of the "Fake ID" or "Master Key" security flaws affecting most Android devices
- If your system settings allow 'Untrusted Sources' application installs
- If any installed application on your device is trying to maliciously take advantage of any of the 'Master Key' security flaws.




Further details of the Android "Fake ID" and "Master Key" security flaws are available


Download Link : https://play.google.com/store/apps/details?id=com.bluebox.labs.onerootscanner

 eEye Android Scanner:
                                  eEye Digital Security, the security industry's most trusted name in vulnerability assessment has brought their expertise to your Android phone.
Did you know that more than 80% of employees now use personal smartphones for work-related purposes? Every day these devices access email, games, and work related material
and are unchecked by your businesses' standard vulnerability management processes.
Until now, one of the biggest challenges for consumers and information technology security teams was they inability to determine potential vulnerabilities on their mobile assets as they do their servers and desktops. Watch the video below to see how Retina CS is solving that problem and how users can download the tool for free to check their own devices.
Benefits of Mobile Security in Retina CS to extend the benefits of this free agent:
Retina CS is the first and only product to integrate mobile device assessment and vulnerability management for complete visibility and context on all vulnerabilities ­ so that your team can discover, prioritize, and fix weaknesses quickly.



* Reduce overall IT security risk by extending vulnerability management to your BlackBerry, Android and ActiveSync-managed mobile devices
* Reduce resource demands by automating vulnerability assessment for mobile devices with in-depth scanning.
* Simplify and improve IT security by managing mobile devices and all other assets through a single, Web-based console.
* Gain greater visibility through vulnerability profiles of mobile devices accessing your network.
* Streamline remediation through advanced threat prioritization according to severity of mobile vulnerabilities.Use built-in and custom audits to scan for weaknesses in mobile device hardware, applications, and configurations.
* Report on mobile device vulnerabilities and demonstrate compliance.



Download Link : https://play.google.com/store/apps/details?id=com.eeye.mobile.android


Belarc Security Advisor:
                                     does this by automatically checking your Android tablet or phone for over 400 security vulnerabilities in both the operating system and installed apps, and gives you the result in seconds as to which ones are vulnerable and need to be updated. The Security Advisor also works with all other security apps such as anti-virus and anti-malware apps.
 
 
Download Link : https://play.google.com/store/apps/details?id=com.belarc.securityadvisor
 
Drozer :
          helps to provide confidence that Android apps and devices being developed by, or deployed across, your organisation do not pose an unacceptable level of risk. By allowing you to interact with the Dalvik VM, other apps’ IPC endpoints and the underlying OS. 

Drozer provides tools to help you use and share public exploits for Android. For remote exploits, it can generate shellcode to help you to deploy the drozer Agent as a remote administrator tool, with maximum leverage on the device.

Faster Android Security Assessments

drozer helps to reduce the time taken for Android security assessments by automating the tedious and time-consuming.
  • Discover and interact with the attack surface exposed by Android apps.
  • Execute dynamic Java-code on a device, to avoid the need to compile and install small test scripts.
 
Download Link : https://www.mwrinfosecurity.com/products/drozer/community-edition/
 
TrustGo Mobile Security :
                                protects you from today's most dangerous malware and viruses PLUS apps that can steal your personal privacy, identity and data. In addition, TrustGo offers "Find My Phone" features including remote location, lock, alarm and "Candid Camera" thief ID (via email), system tools and web browsing security...all in one totally Free package.
 
TrustGo detects and removes all the latest malicious apps and viruses, and is the only security app that protects your privacy and data from High Risk apps that others miss.

 
TrustGo has achieved West Coast Labs’ Checkmark Certification! It is one of the best products in malware detection test by AV-Comparatives
 
Key Features:
Security Scanner - On-demand or scheduled scans of your mobile phone or tablet and SD card to find and remove viruses, malware, spyware and trojans PLUS risky apps that can steal your data.
Secure App Search - Our Secure App Finder Engine (SAFE) lets you search and download apps that you know are safe. TrustGo alerts you before downloading bad and risky apps. 
 
Download link :
https://play.google.com/store/apps/details?id=com.trustgo.mobile.security

 PenTest Tools List:
 
             is a list of android apps for penetration testing.IT IS JUST A LIST, DON'T EXPECT ANYTHING MORE THAN THAT (sorry for all caps, but some people expect matrix meets mission impossible... and give a bad rating when their expectations are not met :) )
Please read the description...
Penetration test is used to test security of something. (if that something passes penetration test, there is a higher chance that hacker cant hack into it)


Apps are sorted with Tags.
Features:
Links to Apps on the Play Store.
Links to Apps that are NOT on the Play Store
Links to Source Code of Open Source Apps
Links to App websites.
Links to Google the name of the App or App Package.

 Download Link : https://play.google.com/store/apps/details?id=com.itslap.pentesttools