Analysis updated 2026-05-18
Pull device information, screenshots, and live logs from an Android phone over ADB during an authorized test.
Statically scan an APK file for hardcoded secrets and risky exported components.
Check a device or app against a list of known Android CVEs and common misconfigurations.
Generate a styled HTML report summarizing findings from an authorized penetration test.
| hexsecteam/droidhunter | openhelix-team/robomemarena | yxuanar/code-as-room | |
|---|---|---|---|
| Stars | 57 | 57 | 57 |
| Language | Python | Python | Python |
| Setup difficulty | hard | hard | hard |
| Complexity | 4/5 | 5/5 | 4/5 |
| Audience | researcher | researcher | researcher |
Figures from each repo's GitHub metadata at analysis time.
Needs ADB, and optionally scrcpy and Metasploit installed, plus a device with USB debugging enabled.
DroidHunter is a command line framework for assessing the security of Android devices and apps, aimed at penetration testers and security researchers working with permission on devices and applications they are authorized to test. It brings together several tools that are often used separately into a single interface with a dark, terminal style look. The device manager module talks to Android phones over ADB, the standard Android debugging protocol, letting a user list connected devices, pull device information, take screenshots, view live system logs, connect over WiFi instead of a cable, and transfer files. A separate APK analyzer statically inspects an app file without running it, checking the permissions it requests, looking for secrets like hardcoded API keys accidentally left in the code, and listing components the app exposes to other apps on the device. A network scanner covers basic port scanning and WiFi information gathering on the local network. A vulnerability scanner checks a device or app against a list of more than 30 known Android vulnerabilities, and also looks for common weaknesses such as insecure local data storage or a WebView configured in a risky way. Further modules let an authorized tester launch an exported app activity directly, send crafted broadcast intents, generate Android payloads compatible with Metasploit, or build reverse shell one liner commands, all of which assume permission to test the target device. A reporting module can produce a styled HTML report, a JSON file, or a table printed to the terminal, each including remediation notes. The README states clearly, more than once, that the tool is intended for authorized testing and education only, and it asks users to only send project donations over the Ethereum network to avoid losing funds.
A command line Android security assessment framework combining device management, APK analysis, vulnerability scanning, and exploit tools for authorized penetration testers.
Mainly Python. The stack also includes Python, ADB, Metasploit.
Marked as an educational use license in the README, without further detail on what it permits or restricts.
Setup difficulty is rated hard, with roughly 1h+ to a first successful run.
Mainly researcher.
This repo across BitVibe Labs
Verify against the repo before relying on details.