Android Forensics
OWASP Androick is a Python tool that helps with forensic analysis on Android. Give it a package name and some options, and the program automatically downloads the APK, data, file permissions, manifest, databases and logs. It is easy to use and avoids repetitive tasks!

Tutorials :: 

Usage ::
1) show help message
    ./ -h

2) show information
    ./ -a

3) select device to use
    ./ -D serial_number PACKAGE_NAME_1 PACKAGE_NAME_2 ETC...
    ./ --device serial_number PACKAGE_NAME_1 PACKAGE_NAME_2 ETC...

4) find package name
    ./ [-v] -f <Part of package name>

5) download everything related to the application

6) select only the things you want to extract
    ./ [-v] [-d --datas] [-s --sql] [-m --manifest] [-p --permissions] [-m --memory-dump] [-l --logs] [--keyLogs="keywords"] PACKAGE_NAME_1 PACKAGE_NAME_2 ETC...

7) how to use option --keyLogs
    if more than one package
    Example:
    ./ -l --keyLogs="antivirus,protection|music,licence" com.package.antivirus

/!\ The memory dump option will mostly not work with production builds

Dependencies ::

Python - Python >=2.6 | Python Magic
SDK - aapt | adb | hprof-conv
Others - a rooted device | sqlite3

Download ::

Windows | Linux | Mac :: OWASP Androick

