Arsenal Demo of Android Tamer

A presentation at BlackHat ASIA 2016 in March 2016 in Singapore by Anant Shrivastava

Slide 1

Slide 1

ANDROID TAMER https://androidtamer.com

Slide 2

Slide 2

WHAT Virtual machine for Android (Security) Professionals Supports VirtualBox VMWare Vagrant / Ansible

Slide 3

Slide 3

WHY Saves time while Finding and installing tools Configuring them Ensuring all other tools are still working Managing updates of each tool

Slide 4

Slide 4

TOOLS INCLUDE 1. adb / fastboot / android-sdk 2. dex2jar / enjarify 3. apktool 4. jad / jd-gui / jadx / jadx-gui 5. drozer 6. DFF / ddrescueview 7. SQLiteManager / SQLiteMan 8. Burp Free / OWASP-ZAP 9. pidcat 10. MobSF (in-progress) 11. Cukoo-droid (in-progress) 12. and more….

Slide 5

Slide 5

CUSTOM FEATURES 1. Easy Management of multiple devices 2. One liner commands (apk2java, drozer_start etc) 3. Scripts for automated analysis 4. So ware update managed over apt-get repository (alpha phase) (http://repo.androidtamer.com/) 5. All Tools pre-configured in PATH (no need to switch directories)

Slide 6

Slide 6

THAT’S NOT IT

Slide 7

Slide 7

@ TWITTER Follow Us @AndroidTamer to get Latest Android News

Slide 8

Slide 8

FB/ANDROIDTAMER

Slide 9

Slide 9

SECURITY ENHANCEMENTS

Slide 10

Slide 10

LEARN ANDROID https://androidtamer.com/learn_android_security

Slide 11

Slide 11

DEMO TIME 1. Application decompiling 2. Automated assessment (drozer_checks) 3. Multi devices management (adb list) 4. MobSF 5. Build your own Distro (Debian compatible Repository)

Slide 12

Slide 12

DEMO: APK2JAVA

Slide 13

Slide 13

DEMO: DROZER_CHECK

Slide 14

Slide 14

DEMO: ADB LIST

  1. Add entries in ~/.adb_list 2. format of entries “ABC;SERIALNO” 3. echo “abc;1234567890” >> ~/.adb_list

Slide 15

Slide 15

DEMO: MOBSF

Slide 16

Slide 16

BUILD YOUR OWN

Slide 17

Slide 17

PACKAGE REPOSITORY

Slide 18

Slide 18

SUGGESTIONS & SUPPORT 1. Suggest more tools 2. Issues / Challenges faced 3. Support by contributing to the project 4. Write articles & blogposts

Slide 19

Slide 19

THANKS Follow @AndroidTamer for all Updates