Android Forensics
OWASP Androick is a Python tool that helps with forensic analysis on Android. Give it a package name and some options, and the program automatically downloads the APK, data, file permissions, manifest, databases and logs. It is easy to use and spares you all the repetitive tasks!

Tutorials :: 

Usages ::
1) show help message
    ./androick.py -h

2) show information
    ./androick.py -a

3) select device to use
    ./androick.py -D serial_number PACKAGE_NAME_1 PACKAGE_NAME_2 ETC...
    ./androick.py --device serial_number PACKAGE_NAME_1 PACKAGE_NAME_2 ETC...

4) find package name
    ./androick.py [-v] -f <Part of package name>

5) download everything related to the application
    ./androick.py [-v] -A PACKAGE_NAME_1 PACKAGE_NAME_2 ETC...

6) select only the things you want to extract
    ./androick.py [-v] [-d --datas] [-s --sql] [-m --manifest] [-p --permissions] [-m --memory-dump] [-l --logs] [--keyLogs="keywords"] PACKAGE_NAME_1 PACKAGE_NAME_2 ETC...

7) how to use the --keyLogs option
        --keyLogs="key1,key2,key3"
    if more than one package
        --keyLogs="key1_P1,key2_P1|key1_P2|key1_P3,key2_P3,key3_P3" 
 
Example :
./androick.py -l --keyLogs="antivirus,protection|music,licence" com.package.antivirus com.music.player
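
The pairing of keyword groups with packages described in 7), as an added example that is not Androick's own code. The function names, the constructed log lines, case-insensitive literal matching, and rejecting a group count that differs from the package count are all assumptions of this sketch.

```python
import re


def parse_keylogs(spec, packages):
    """Pair each '|'-separated keyword group with the package at the same position."""
    groups = spec.split("|")
    # Assumption of this sketch: one keyword group per package, in argument order.
    if len(groups) != len(packages):
        raise ValueError("expected %d keyword group(s), got %d"
                         % (len(packages), len(groups)))
    mapping = {}
    for package, group in zip(packages, groups):
        keywords = [k.strip() for k in group.split(",") if k.strip()]
        if not keywords:
            raise ValueError("empty keyword group for %s" % package)
        mapping[package] = keywords
    return mapping


def filter_log(lines, keywords):
    """Return the lines that contain any keyword (case-insensitive, literal)."""
    # re.escape keeps a keyword such as "a.b" from acting as a regex wildcard.
    pattern = re.compile("|".join(re.escape(k) for k in keywords), re.IGNORECASE)
    return [line for line in lines if pattern.search(line)]


# Constructed logcat-style lines, not output captured from a real device.
SAMPLE_LOG = [
    "01-12 10:02:11.120 I/AVService( 1432): Antivirus signature update finished",
    "01-12 10:02:11.480 D/dalvikvm( 1432): GC_CONCURRENT freed 412K",
    "01-12 10:02:12.003 W/Player( 2210): licence check failed, retrying",
    "01-12 10:02:12.250 I/Player( 2210): Music library scan: 231 tracks",
    "01-12 10:02:13.900 I/AVService( 1432): Real-time protection enabled",
]

if __name__ == "__main__":
    packages = ["com.package.antivirus", "com.music.player"]
    mapping = parse_keylogs("antivirus,protection|music,licence", packages)
    for package in packages:
        print(package, mapping[package])
        for line in filter_log(SAMPLE_LOG, mapping[package]):
            print("   ", line)
```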

/!\ The memory dump option will mostly not work with production builds

Dependencies ::

Python - Python >=2.6 | Python Magic
SDK - aapt | adb | hprof-conv
Others - a rooted device | sqlite3

Download ::

Windows | Linux | Mac :: OWASP Androick
