{"id":2768,"date":"2016-02-26T02:00:00","date_gmt":"2016-02-26T02:00:00","guid":{"rendered":"http:\/\/www.pir8geek.com\/?p=2768"},"modified":"2016-02-26T02:00:00","modified_gmt":"2016-02-26T02:00:00","slug":"appie-v3-android-pentesting-portable-integrated-environment","status":"publish","type":"post","link":"https:\/\/www.jameseduard.com\/?p=2768","title":{"rendered":"Appie v3 &#8211; Android Pentesting Portable Integrated Environment"},"content":{"rendered":"<div><strong>Appie<\/strong> is a software package that has been pre-configured to function as an <em>Android Pentesting Environment<\/em> on any windows based machine without the need of a <em>Virtual Machine(VM)<\/em> or<em> dualboot.<\/em><\/div>\n<div><\/div>\n<div>It is completely portable and can be carried on <strong>USB stick or your smartphone<\/strong>. It is one of its kind Android Security Analysis Tool and is a one stop answer for all the tools needed in Android Application Security Assessment, Android Forensics, Android Malware Analysis.<\/div>\n<p>&nbsp;<br \/>\n<strong>Which tools are included in Appie ?<\/strong><\/p>\n<ul>\n<li>Android Debug Bridge<\/li>\n<li>Apktool<\/li>\n<li>AndroBugs Framework<\/li>\n<li>AndroGuard<\/li>\n<li>Androwarn<\/li>\n<li>Atom<\/li>\n<li>ByteCodeViewer<\/li>\n<li>Burp Suite<\/li>\n<li>Drozer<\/li>\n<li>dex2jar<\/li>\n<li>Eclipse IDE with Android Developer Tools<\/li>\n<li>Introspy-Analyzer<\/li>\n<li>Java Debugger<\/li>\n<li>jadx<\/li>\n<li>Jd-Gui<\/li>\n<li>Pidcat<\/li>\n<li>SQLite Database Browser<\/li>\n<li>SQLmap<\/li>\n<li>Volatility Framework<\/li>\n<li>It also has Java Runtime Environment(JRE) and python installed, so you can run Appie on even a freshly installed windows installation.<\/li>\n<li>It also has Mozilla Firefox with some security addons.<\/li>\n<li>Nearly all UNIX commands like ls, cat, chmod, cp, find, git, unzip, mkdir, ssh, openssl, keytool, jarsigner and many others.<\/li>\n<li>It has also has vulnerable android applications like Owasp GoatDroid Project Configured and InsecureBank-v2 to test your skills on them.<\/li>\n<\/ul>\n<p>Usage:<\/p>\n<ul>\n<li>Apktool can be used by the keyword <strong>apktool<\/strong>.<br \/>\n<img decoding=\"async\" title=\"\" src=\"https:\/\/imgur.com\/Noy4N8G.png\" alt=\"\" \/><\/li>\n<li>AndroBugs Framework can be used by the keyword <strong>androbugs<\/strong><br \/>\n<img decoding=\"async\" title=\"\" src=\"https:\/\/imgur.com\/FKPvBo1.png\" alt=\"\" \/><\/li>\n<li>\n<div id=\"androwarn\">Androwarn Usage<\/div>\n<p>Type <strong>androwarn<\/strong> in the console to open androwarn directory and then see <a href=\"https:\/\/github.com\/maaaaz\/androwarn#usage\">usage<\/a> for it\u2019s usage.<\/li>\n<li>\n<div id=\"androguard\">Androguard Usage<\/div>\n<p>There are several files in androguard project. You can look about their individual usage on their <a href=\"https:\/\/github.com\/androguard\/androguard\">website<\/a>. For example, if you wanted to use <strong>androgui<\/strong> then just type <strong>androgui<\/strong> on the terminal.<\/li>\n<li>To open atom, type <strong>atom<\/strong> in the terminal and it will open Atom text editor in other half of the terminal. It has been customized like this to have a better experience while testing. No hassle of Tabs\/Windows.<br \/>\n<img decoding=\"async\" title=\"\" src=\"https:\/\/imgur.com\/9vzcfCq.png\" alt=\"\" \/><\/li>\n<li>Type <strong>bytecodeviewer<\/strong> to open ByteCodeViewer.<\/li>\n<li>\n<div id=\"burpsuite\">Burpsuite<\/div>\n<p>Type <strong>burpuite<\/strong> in the Appie console to open up BurpSuite.<br \/>\n<img decoding=\"async\" title=\"\" src=\"https:\/\/i.imgur.com\/u9uAFzV.png\" alt=\"\" \/><\/li>\n<li>\n<div id=\"drozer\">Drozer Usage<\/div>\n<ul>\n<li>Type in <strong>drozer console connect<\/strong> and drozer application will load up in the right half.<br \/>\n<img decoding=\"async\" title=\"\" src=\"https:\/\/i.imgur.com\/fLL6B59.png\" alt=\"\" \/><\/li>\n<\/ul>\n<\/li>\n<li><strong>eclipse<\/strong> can be used to launch Eclipse IDE for Android Application Development.<\/li>\n<li>use <strong>firefox<\/strong> to open up Mozilla Firefox.<\/li>\n<li>\n<div id=\"JD_GUI\">Jd-GUI Usage<\/div>\n<ul>\n<li>Type <strong>jdgui<\/strong> in the console and a new tab will open with JD-GUI in it .<br \/>\n<img decoding=\"async\" title=\"\" src=\"https:\/\/i.imgur.com\/TfJ0oZM.png\" alt=\"\" \/><\/li>\n<\/ul>\n<\/li>\n<li>Type <strong>jadx<\/strong> to use jadx.<\/li>\n<li>\n<div id=\"pidcat\">Pidcat Usage<\/div>\n<p>In order view logcat entries for <strong>org.owasp.goatdroid.fourgoats<\/strong>, type <strong>pidcat org.owasp.goatdroid.fourgoats<\/strong> in Appie and you would see something similar.<br \/>\n<img decoding=\"async\" title=\"\" src=\"https:\/\/i.imgur.com\/BJWGslG.png\" alt=\"\" \/><\/p>\n<ul>\n<li>Use <strong>sqlitebrowser<\/strong> to open SQLite Database Browser.<\/li>\n<\/ul>\n<\/li>\n<li>Type <strong>sqlmap<\/strong> to use SQLmap.<\/li>\n<li>\n<div id=\"volatility\">Volatility Usage<\/div>\n<p>Type <strong>volatility<\/strong> in the console to use this.<br \/>\n<img decoding=\"async\" title=\"\" src=\"https:\/\/i.imgur.com\/c4CJOsr.png\" alt=\"\" \/><\/li>\n<li>\n<div id=\"wireshark\">Wireshark Usage<\/div>\n<p>Type <strong>wireshark<\/strong> in Appie console to open wireshark within Appie.<br \/>\n<img decoding=\"async\" title=\"\" src=\"https:\/\/i.imgur.com\/aOsTSiI.png\" alt=\"\" \/><\/li>\n<\/ul>\n<p>Demo Video<br \/>\nBelow is short demonstration video of Appie.<br \/>\n&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Appie is a software package that has been pre-configured to function as an Android Pentesting Environment on any windows based machine without the need of a Virtual Machine(VM) or dualboot. It is completely portable and can be carried on USB stick or your smartphone. It is one of its kind Android Security Analysis Tool and<\/p>\n","protected":false},"author":1,"featured_media":2770,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[144,528],"tags":[657,658,659,660,352],"class_list":["post-2768","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-android","category-mobile-pentest","tag-androguard","tag-apktools","tag-apple","tag-drozer","tag-python"],"_links":{"self":[{"href":"https:\/\/www.jameseduard.com\/index.php?rest_route=\/wp\/v2\/posts\/2768","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.jameseduard.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.jameseduard.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.jameseduard.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.jameseduard.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=2768"}],"version-history":[{"count":0,"href":"https:\/\/www.jameseduard.com\/index.php?rest_route=\/wp\/v2\/posts\/2768\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.jameseduard.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=2768"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.jameseduard.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=2768"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.jameseduard.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=2768"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}