Home

Awesome

@hpAndro1337 Android Application Security

CTF Style Android Security Challenges ctf.hpandro.raviramesh.info

hpAndro

Android AppSec (Kotlin) app will help you to practice for Android Security points. We do it for the right reasons - to help developers make their apps more secure. The best way to verify that your app follows secure mobile development best practices is to perform security assessments of the app, which can include automated mobile app security testing, fuzzing, manual penetration testing, and more. This application represents some of the knowledge we share with the infosec community. We are trying to build a vulnerable application based on OWASP Mobile Security Testing Guide.

We (@hpAndro and @_RaviRamesh) spend a lot of time attacking android app hacking, breaking encryption, finding bussiness logic flaws, penetration testing, and looking for sensitive data stored insecurely.

We try harder to build vulnerable application for you..

In this application we are covering below points:

  1. HTTP Traffic
    1. HTTP Traffic
    2. HTTPS Traffic
  2. Public Key Pinning
    1. Certificate Pinning Bypass (network_security_config.xml) [Coming Soon...]
    2. Certificate Pinning Bypass (okhttp) [Coming Soon...]
    3. Certificate Pinning Bypass (Cert check) [Coming Soon...]
    4. Certificate Pinning Bypass (Cert Hash match) [Coming Soon...]
  3. Non-HTTP Traffic
    1. TCP Traffic
    2. UDP Traffic
  4. WebSocket Traffic
    1. Web Socket (WS)
    2. Web Socket Secure (WSS)
  5. Root Detection
    1. Root Management Apps
    2. Potentially Dangerous Apps [Available in Master App]
    3. Root Cloaking Apps
    4. Test Keys
    5. Dangerous Props [Available in Master App]
    6. BusyBox Binary
    7. Su Binary [Available in Master App]
    8. Su Exists
    9. RW System [Available in Master App]
    10. SafetyNet [Coming Soon...]
    11. Using running processes [Coming Soon...]
  6. Emulator detection
    1. Virtual Phone Number [Available in Master App]
    2. Device IDs [Available in Master App]
    3. Hardware Specifications [Available in Master App]
    4. QEmu Detection [Available in Master App]
    5. File Based Checking [Available in Master App]
    6. IP Based Checking [Available in Master App]
    7. Package Name [Available in Master App]
    8. Debug Flag [Available in Master App]
    9. Network Operator Name [Available in Master App]
  7. Anti-Debugging detection
    1. PMS Hook Detection [Coming Soon...]
    2. Checking TracerPid [Coming Soon...]
    3. Using Fork and ptrace [Coming Soon...]
    4. Frida Detection [Coming Soon...]
    5. SafetyNet [Coming Soon...]
    6. Debuggable Flag [Coming Soon...]
    7. isDebugger Connected [Available in Master App]
    8. Timer Checks [Coming Soon...]
    9. JDWP-Related Data Structures [Coming Soon...]
  8. Insecure Data Storage
    1. SQLite Databases (Unencrypted)
    2. SQLite Databases (Encrypted) [Available in Master App]
    3. Realm Databases (Unencrypted) [Coming Soon...]
    4. Realm Databases (Encrypted) [Coming Soon...]
    5. Firebase Real-time Databases [Coming Soon...]
    6. Shared Preferences
    7. Internal Storage
    8. External Storage
    9. KeyStore [Available in Master App]
    10. KeyChain [Coming Soon...]
    11. Keyboard Cache [Coming Soon...]
    12. User Interface [Coming Soon...]
    13. App Backup [Coming Soon...]
    14. Screenshots [Coming Soon...]
    15. Memory [Available in Master App]
    16. User Dictionary Cache [Coming Soon...]
    17. Clipboard [Available in Master App]
    18. Activity data
  9. Logs
    1. Informational Logs
    2. Error Logs
    3. Warnings Logs
    4. Debug Logs
    5. Verbose Logs
    6. WTF Logs
  10. Content Providers
    1. SQL Injection
    2. File System Expose [Available in Master App]
  11. Encryption
    1. Message Authentication Codes [Coming Soon...]
    2. Message Digest [Coming Soon...]
    3. Signatures [Coming Soon...]
    4. Custom Implementations [Coming Soon...]
    5. Caesar Cipher
    6. Weak Key Generation [Coming Soon...]
    7. Weak Random Number [Coming Soon...]
    8. Weaker Padding [Coming Soon...]
  12. Symmetric Encryption
    1. DES
    2. 3DES
    3. RC4
    4. Blowfish
    5. AES
    6. Predictable Initialization Vector
  13. Asymmetric Encryption
    1. RSA
  14. Hashing
    1. MD4
    2. MD5
    3. SHA1
  15. Authentication
    1. Biometric [Coming Soon...]
    2. Confirm Credentials [Coming Soon...]
    3. 2FA - OTP Leakage
    4. 2FA - Response Manipulation [Available in Master App]
    5. 2FA - Status Code Manipulation [Available in Master App]
    6. 2FA - OTP Brute-Force [Available in Master App]
    7. 2FA - OTP Brute-Force 2 [Available in Master App]
    8. 2FA - Integrity Validation [Available in Master App]
    9. Application lock [Coming Soon...]
  16. Binary Protection
    1. RPATH [Available in Master App]
    2. Hardcoded Secret [Available in Master App]
    3. Native Function Call [Available in Master App]
    4. Packers [Coming Soon...]
    5. Obfuscator [Coming Soon...]
  17. Device ID
    1. SSAID/ANDROID_ID
    2. Device Wi-Fi MAC
    3. GPS Location
    4. IMEI/ESN
    5. MEID [Coming Soon...]
    6. IMSI [Available in Master App]
  18. Web Application
    1. HTML5 Controls
    2. Bruteforce
    3. Login Bypass - Cookies Manipulation [Available in Master App]
    4. Encoding - Hashing [Available in Master App]
    5. JavaScript - Info leak [Available in Master App]
    6. Server Fingerprint
    7. Client Side Validation Bypass
    8. User Password Enumeration
    9. OTP Bruteforce
    10. JWT Misconfiguration
    11. Guessable Session ID
    12. REST API HTTP Methods
    13. SSRF
    14. XXE
    15. Unrestricted File Upload
    16. LFI [Coming Soon...]
    17. RFI [Available in Master App]
    18. Deserialization [Coming Soon...]
    19. XPATH Injection [Available in Master App]
    20. Metafiles - Info Leakage [Available in Master App]
    21. RIA Cross Domain Policy [Available in Master App]
    22. Default Credentials [Available in Master App]
    23. OS Command Injection [Coming Soon...]
    24. S3 bucket misconfiguration [Available in Master App]
    25. Path Traversal [Coming Soon...]
    26. Captcha Bypass [Coming Soon...]
    27. IP whitelisting Bypass [Coming Soon...]
    28. SSTI [Available in Master App]
    29. Review comment and Metadata [Available in Master App]
    30. Code Injection [Coming Soon...]
    31. Old Backup Files [Available in Master App]
    32. Insecure Direct Object Reference [Available in Master App]
    33. JSON to XXE (Blind) [Available in Master App]
  19. Miscellaneous
    1. Deeplink [Coming Soon...]
    2. QR Code
    3. Backdoor1
    4. Backdoor2
    5. Backdoor3
    6. Backdoor4
    7. Backdoor5
    8. Backdoor6 [Available in Master App]
    9. Backdoor7 [Available in Master App]

It will be great if you can support and share your thoughts with us to improve this application.