Convert Figma logo to code with AI

WithSecureLabs logodrozer

The Leading Security Assessment Framework for Android.

3,888
775
3,888
4

Top Related Projects

3,888

The Leading Security Assessment Framework for Android.

1,393

A runtime mobile application analysis toolkit with a Web GUI, powered by Frida, written in Python.

3,888

The Leading Security Assessment Framework for Android.

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.

3,192

Tool to look for several security related Android application vulnerabilities

Android Vulnerability Test Suite - In the spirit of open data collection, and with the help of the community, let's take a pulse on the state of Android security. NowSecure presents an on-device app to test for recent device vulnerabilities.

Quick Overview

Drozer is an Android security assessment framework developed by WithSecure Labs. It allows security researchers and developers to search for security vulnerabilities in Android applications and devices by assuming the role of an app and interacting with the Dalvik VM, other apps' IPC endpoints, and the underlying OS.

Pros

  • Comprehensive security testing tool for Android applications
  • Supports remote exploitation and post-exploitation activities
  • Extensible through modules and plugins
  • Actively maintained and regularly updated

Cons

  • Requires rooted Android device or emulator for full functionality
  • Steep learning curve for beginners
  • Limited documentation for advanced features
  • May trigger security alerts on some Android devices

Getting Started

  1. Install Drozer:

    pip install drozer
    
  2. Start the Drozer console:

    drozer console connect
    
  3. List available modules:

    dz> list
    
  4. Run a module:

    dz> run app.package.list
    
  5. For remote connections, start the Drozer server on the Android device:

    adb forward tcp:31415 tcp:31415
    drozer console connect
    

Note: Ensure you have a rooted Android device or emulator set up before using Drozer. Always obtain proper authorization before testing any applications or devices you don't own.

Competitor Comparisons

3,888

The Leading Security Assessment Framework for Android.

Pros of drozer

  • More active development and recent updates
  • Larger community and user base
  • Better documentation and support resources

Cons of drozer

  • Potentially more complex setup and configuration
  • May have a steeper learning curve for beginners
  • Possibly more resource-intensive due to additional features

Code Comparison

drozer:

from drozer.modules import Module

class ExampleModule(Module):
    name = "Example Module"
    description = "This is an example module"
    
    def run(self, arguments):
        self.stdout.write("Hello from drozer!")

drozer>:

# No direct code comparison available
# drozer> appears to be a typo or non-existent repository

Summary

drozer is a well-established and actively maintained Android security assessment framework. It offers a comprehensive set of tools for analyzing Android applications and devices. The project benefits from regular updates, a larger community, and extensive documentation. However, it may require more setup time and resources compared to simpler alternatives.

As for drozer>, it appears to be a typo or non-existent repository. There is no direct comparison available between the two, as only drozer is a valid and accessible project on GitHub.

1,393

A runtime mobile application analysis toolkit with a Web GUI, powered by Frida, written in Python.

Pros of House

  • More modern and actively maintained, with recent updates
  • Supports both Android and iOS platforms
  • User-friendly web interface for easier interaction

Cons of House

  • Less comprehensive feature set compared to Drozer
  • Steeper learning curve for users familiar with Drozer's command-line interface
  • Limited community support and documentation

Code Comparison

Drozer (Python):

from drozer.modules import Module

class ExampleModule(Module):
    name = "Example Module"
    description = "This is an example module"
    
    def execute(self, arguments):
        print("Hello from Drozer!")

House (JavaScript):

const House = require('house');

const exampleModule = {
  name: 'Example Module',
  description: 'This is an example module',
  run: () => {
    console.log('Hello from House!');
  }
};

House.registerModule(exampleModule);

Both repositories provide tools for mobile application security testing, but they differ in their approach and target platforms. Drozer focuses primarily on Android and offers a more extensive set of features through its command-line interface. House, on the other hand, provides a web-based interface and supports both Android and iOS, making it more accessible for users who prefer graphical interfaces. However, House may lack some of the advanced features and community support that Drozer has built over time.

3,888

The Leading Security Assessment Framework for Android.

Pros of drozer

  • More active development and recent updates
  • Larger community and user base
  • Better documentation and support resources

Cons of drozer

  • Potentially more complex setup and configuration
  • May have a steeper learning curve for beginners
  • Possibly more resource-intensive due to additional features

Code Comparison

drozer:

from drozer.modules import Module

class ExampleModule(Module):
    name = "Example Module"
    description = "This is an example module"
    
    def run(self, arguments):
        self.stdout.write("Hello from drozer!")

drozer>:

# No direct code comparison available
# drozer> appears to be a typo or non-existent repository

Summary

drozer is a well-established and actively maintained Android security assessment framework. It offers a comprehensive set of tools for analyzing Android applications and devices. The project benefits from regular updates, a larger community, and extensive documentation. However, it may require more setup time and resources compared to simpler alternatives.

As for drozer>, it appears to be a typo or non-existent repository. There is no direct comparison available between the two, as only drozer is a valid and accessible project on GitHub.

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.

Pros of Mobile-Security-Framework-MobSF

  • Supports both Android and iOS app analysis
  • Provides a comprehensive web-based dashboard for results
  • Offers static and dynamic analysis capabilities

Cons of Mobile-Security-Framework-MobSF

  • May require more setup and resources due to its comprehensive nature
  • Less focused on interactive testing compared to Drozer
  • Can be slower for quick, targeted assessments

Code Comparison

MobSF (Python):

def scan_file(self, file_path):
    # Perform static analysis
    static_analysis_result = self.static_analyzer.analyze(file_path)
    # Perform dynamic analysis
    dynamic_analysis_result = self.dynamic_analyzer.analyze(file_path)
    return static_analysis_result, dynamic_analysis_result

Drozer (Python):

def run(self, arguments):
    if arguments.exploit is not None:
        module = self.loadModule(arguments.exploit)
        module.run(arguments)
    elif arguments.console:
        self.run_console()

The code snippets highlight the different approaches:

  • MobSF focuses on comprehensive static and dynamic analysis
  • Drozer emphasizes interactive console-based testing and exploitation

Both tools are valuable for mobile app security testing, with MobSF offering a broader analysis scope and Drozer providing more targeted, interactive capabilities.

3,192

Tool to look for several security related Android application vulnerabilities

Pros of QARK

  • Broader scope: Analyzes both Android source code and APK files
  • Provides detailed reports with remediation suggestions
  • Integrates with CI/CD pipelines for automated security checks

Cons of QARK

  • Less active development and community support
  • May produce more false positives compared to Drozer
  • Limited to static analysis, lacking dynamic testing capabilities

Code Comparison

QARK (Python):

def find_manifest(self):
    for root, dirs, files in os.walk(self.apk_directory):
        if "AndroidManifest.xml" in files:
            return os.path.join(root, "AndroidManifest.xml")
    return None

Drozer (Python):

def getContext(self):
    return self.__context

def getContentResolver(self):
    return self.getContext().getContentResolver()

Both tools are written in Python, but they serve different purposes. QARK focuses on static analysis of Android applications, while Drozer is primarily used for dynamic testing and interaction with Android devices. QARK's code snippet shows its ability to locate and analyze the AndroidManifest.xml file, which is crucial for identifying potential security issues. Drozer's code, on the other hand, demonstrates its integration with the Android runtime environment, allowing for real-time interaction and testing of Android components.

Android Vulnerability Test Suite - In the spirit of open data collection, and with the help of the community, let's take a pulse on the state of Android security. NowSecure presents an on-device app to test for recent device vulnerabilities.

Pros of android-vts

  • User-friendly GUI for easy navigation and test execution
  • Comprehensive set of vulnerability tests specific to Android devices
  • Regular updates to include new vulnerabilities and security checks

Cons of android-vts

  • Limited to Android platform, while drozer supports multiple platforms
  • Less extensive documentation compared to drozer
  • Fewer active contributors and community support

Code Comparison

android-vts (Java):

public class VulnerabilityTest {
    public void runTest() {
        // Test implementation
    }
}

drozer (Python):

class ExploitModule(Module):
    def run(self, arguments):
        # Exploit implementation

android-vts focuses on providing a user-friendly interface for vulnerability testing on Android devices, with a comprehensive set of pre-defined tests. It's ideal for users who prefer a graphical approach and want to quickly assess their Android device's security.

drozer, on the other hand, offers a more versatile and extensible framework for security testing across multiple platforms. It provides a command-line interface and supports custom module development, making it suitable for advanced users and security professionals who require more flexibility in their testing approach.

Both tools serve different purposes and cater to different user preferences, with android-vts being more specialized for Android vulnerability testing and drozer offering a broader scope for security assessment across platforms.

Convert Figma logo designs to code with AI

Visual Copilot

Introducing Visual Copilot: A new AI model to turn Figma designs to high quality code using your components.

Try Visual Copilot

README

drozer

drozer is a security testing framework for Android.

drozer allows you to search for security vulnerabilities in apps and devices by assuming the role of an app and interacting with the Android Runtime, other apps' IPC endpoints and the underlying OS.

drozer provides tools to help you use, share and understand public Android exploits.

drozer is open source software, maintained by WithSecure, and can be downloaded from: https://labs.withsecure.com/tools/drozer/

NOTE

This is an BETA release of a rewritten drozer version; this version is updated to support python3.

Currently, the following known issues are present:

  • Building of custom agents functionality will crash the drozer client. This functionality is considered out of scope for the beta release of the revived drozer project.

Docker Container

To help with making sure drozer can be run on all systems, a Docker container was created that has a working build of drozer.

  • The Docker container and basic setup instructions can be found here.
  • Instructions on building your own Docker container can be found here.

Manual Building and Installation

Software pre-requisites

  1. Python3.8
  2. Protobuf 4.25.2 or greater
  3. Pyopenssl 22.0.0 or greater
  4. Twisted 18.9.0 or greater
  5. Distro 1.8.0 or greater
  6. Java Development Kit 11 or greater

Installing

You can use pip or pipx (preferably, if available) to install the latest release of drozer from PyPI:

pipx install drozer

Alternatively, you can download individual releases from GitHub and run:

pipx install ./drozer-*.whl

If you haven't already, consider running:

pipx ensurepath

to ensure pipx-installed packages appear in your PATH

Building

To build drozer from source you can run.

git clone https://github.com/WithSecureLabs/drozer.git
cd drozer
pip install .

To build the Android native components against a specific SDK you can set the ANDROID_SDK environment variable to the path. For example:

Linux/macOS:

export ANDROID_SDK=/home/drozerUser/Android/Sdk/platforms/android-34/android.jar

Windows - PowerShell:

New-Item -Path Env:\ANDROID_SDK -Value 'C:\Users\drozerUser\AppData\Local\Android\sdk\platforms\android-34\android.jar'

Windows - cmd:

set ANDROID_SDK = "C:\Users\drozerUser\AppData\Local\Android\sdk\platforms\android-34\android.jar"

The location of the d8 tool used can also be changed by setting D8.

Usage

Installing the Agent

drozer can be installed using Android Debug Bridge (adb).

Download the latest drozer Agent here.

adb install drozer-agent.apk

Setup for session

You should now have the drozer Console installed on your PC, and the Agent running on your test device. Now, you need to connect the two and you’re ready to start exploring.

We will use the server embedded in the drozer Agent to do this. First, launch the Agent, select the "Embedded Server" option and tap "Enable" to start the server. You should see a notification that the server has started.

Then, follow one of the options below.

Option 1: Connect to the phone via network

By default, the drozer Agent listens for incoming TCP connections on all interfaces on port 31415. In order to connect to the Agent, run the following command:

drozer console connect --server <phone's IP address>

If you are using the Docker container, the equivalent command would be:

docker run --net host -it withsecurelabs/drozer console connect --server <phone's IP address>

Option 2: Connect to the phone via USB

In some scenarios, connecting to the device over the network may not be viable. In these scenarios, we can leverage adb's port-forwarding capabilities to establish a connection over USB.

First, you need to set up a suitable port forward so that your PC can connect to a TCP socket opened by the Agent inside the emulator, or on the device. By default, drozer uses port 31415

adb forward tcp:31415 tcp:31415

You can now connect to the drozer Agent by connecting to localhost (or simply not specifying the target IP)

drozer console connect

Confirming a successful connection

You should be presented with a drozer command prompt:

Selecting ebe9fcc0c47b28da (Google sdk_gphone64_x86_64 12)

            ..                    ..:.
           ..o..                  .r..
            ..a..  . ....... .  ..nd
              ro..idsnemesisand..pr
              .otectorandroidsneme.
           .,sisandprotectorandroids+.
         ..nemesisandprotectorandroidsn:.
        .emesisandprotectorandroidsnemes..
      ..isandp,..,rotecyayandro,..,idsnem.
      .isisandp..rotectorandroid..snemisis.
      ,andprotectorandroidsnemisisandprotec.
     .torandroidsnemesisandprotectorandroid.
     .snemisisandprotectorandroidsnemesisan:
     .dprotectorandroidsnemesisandprotector.

drozer Console (v3.0.0)
dz>

The prompt confirms the Android ID of the device you have connected to, along with the manufacturer, model and Android software version.

You are now ready to start exploring the device.

Command Reference

CommandDescription
runExecutes a drozer module
listShow a list of all drozer modules that can be executed in the current session. This hides modules that you do not have suitable permissions to run.
shellStart an interactive Linux shell on the device, in the context of the Agent process.
cdMounts a particular namespace as the root of session, to avoid having to repeatedly type the full name of a module.
cleanRemove temporary files stored by drozer on the Android device.
contributorsDisplays a list of people who have contributed to the drozer framework and modules in use on your system.
echoPrint text to the console.
exitTerminate the drozer session.
helpDisplay help about a particular command or module.
loadLoad a file containing drozer commands, and execute them in sequence.
moduleFind and install additional drozer modules from the Internet.
permissionsDisplay a list of the permissions granted to the drozer Agent.
setStore a value in a variable that will be passed as an environment variable to any Linux shells spawned by drozer.
unsetRemove a named variable that drozer passes to any Linux shells that it spawns.

License

drozer is released under a 3-clause BSD License. See LICENSE for full details.

Contacting the Project

drozer is Open Source software, made great by contributions from the community.

For full source code, to report bugs, suggest features and contribute patches please see our Github project:

https://github.com/WithSecureLabs/drozer

Bug reports, feature requests, comments and questions can be submitted here.