This is the repository for Andump. If you are looking for the Andump website. Click here.
For Android Data Forensic
The different data storage options available on Android:
- Internal file storage: Store app-private files on the device file system.
- External file storage: Store files on the shared external file system. This is usually for shared user files, such as photos.
- Shared preferences: Store private primitive data in key-value pairs.
- Databases: Store structured data in a private database.
For Library checking:
You can help (or thank) the author of Andump by making a donation, if you feel like doing so
- Dump data from Sandbox and external enclaves
- Print all sensitive data along with its file location
- Based on the rules file, this needs to be updated
- /mnt/sdcard/Android/data is a softlink to /sdcard/
Shared Preferences SQLite Databases Realm Databases Internal Storage External Storage
-ls : List installed package -p <packagename> : Check if sensitive data stored in internal & external data -l true -f <file.apk> : Check if insecure library is set -h : Help
For Data Forensic:
./andump.sh -p com.google.android
For Unreliable libraries:
./andump.sh -l true -d /home/appcode
Love doing security research, pen-testing in web/mobile, blockchain security, smart contract security…