This is the repository for Andump. If you are looking for the Andump website. Click here.
For Android Data Forensic
The different data storage options available on Android:
- Internal file storage: Store app-private files on the device file system.
- External file storage: Store files on the shared external file system. This is usually for shared user files, such as photos.
- Shared preferences: Store private primitive data in key-value pairs.
- Databases: Store structured data in a private database.
For Library checking:
You can help (or thank) the author of Andump by making a donation, if you feel like doing so
- Dump data from Sandbox and external enclaves
- Print all sensitive data along with its file location
- Based on the rules file, this needs to be updated
- /mnt/sdcard/Android/data is a softlink to /sdcard/
Shared Preferences SQLite Databases Realm Databases Internal Storage External Storage
-ls : List installed package -p <packagename> : Check if sensitive data stored in internal & external data -l true -f <file.apk> : Check if insecure library is set -h : Help
For Data Forensic:
./andump.sh -p com.google.android
For Unreliable libraries:
./andump.sh -l true -d /home/appcode
Loc has concrete experience in Application Security Engineer, he’s responsible for web and mobile application security pen testing, smart contract security audit, security tools development as well as authentication, authorization and infrastructure engineering. With more than 4 years experience in security audit and including 2 years experience in Security Banking System. He’s also a bug-hunter with many valuable security reports and research papers