Published on July 3rd, 2014 📆 | 2410 Views ⚑0
FSDroid – automated program to penetrate and analyze local storage on Android
FSDroid is an automated program to penetrate and analyze local storage of the most widely used mobile platform – Android.
Mobile application hacking and its security is becoming a major concern in today’s world – especially with BYOD and user’s rooting their devices. The release cycle of the mobile applications are more frequent than the web applications. It is imperative to test these applications before loading and launching from security and privacy standpoint. Currently automated scanning of web application with static or dynamic has their own limitation and issues and vulnerability detection is not accurate. Hence, manual review play key role and during this type of review we need some tools to avoid very time consuming and tedious process.
Amongst the mobile attacks and device enumeration, local storage being the key target for attacks and potential exploit by information harvesting. It affects the security and privacy of the user and corporates.
FSDroid leverages system calls provided in SDK to monitor file system and help in identifying files/directories has been modified/accessed by the target application. FSDroid can be installed on emulator. Objective is to monitored filesystem calls and review the content while application is running. One can perform runtime analysis for any application and discover potential vulnerabilities.
FSDroid is an android application, To install use
#adb install FSDroid.apk
New features in version 0.02 (Beta) of FSDroid
- Recursive Monitoring
- Assign permission from FSDroid – Selecting application gives required permission to target application
More Information: here