iSEC Research Labs

Blackbox Android App Analysis with Introspy

13 Dec 2013 - Marc Blanchou & Alban Diquet

As previously announced during our Ruxcon presentation, we’re now releasing Introspy for Android. The final version of the tool was demonstrated at the iSEC Open Forum here in San Francisco.

Blackbox Android Pentesting

Similarly to the iOS version that was released a few months ago, Introspy for Android is a tool designed to help penetration testers understand what an Android application does at runtime, and to greatly facilitate the process of reviewing the application’s security mechanisms.

The tool can easily be installed on a rooted device running Cydia Substrate and provides a GUI interface to configure hooks, filters and options. See the project page as well the slides we presented at the Open Forum for more information about what the tool does and how it works.

Source code and pre-compiled packages are available on the project’s source repository on Github.