wargio / Fufluns
Licence: gpl-3.0
Easy to use APK/IPA Mobile App Inspector (experimental)
Stars: ✭ 70
Programming Languages
python
139335 projects - #7 most used programming language
Fufluns
Easy to use APK/IPA Mobile App Inspector (experimental)
Features
Detects common fails in compiled apps for Android and iOS (iPhones, iPads, etc..)
-
Android
- APKiD
- Secrets (Private keys, API keys, etc..)
- Insecure AndroidManifest.xml attributes
- Network Security
- Permissions
- Root Detection
- Source Code
- SQL Injections
-
iOS
- Compiler options (-fstack-protector-all, -fobjc-arc, -pie, etc..)
- Insecure C imports (memcmp, memcpy, memmove, memset, etc..)
- Jailbreak Detection
- Network Security
- Permissions
- Secrets (Private keys, API keys, etc..)
- Source Code
- SQL Injections
Export
The tool allows to export the data in JSON, Markdown and Textile formats.
Tools Required
- APKiD
- Apktool (and the Android Platform Tools)
- rizin (python rzpipe)
Docker
You can download it from docker hub or build it by yourself.
Download from docker hub
# Download first the image
docker pull deroad/fufluns:latest .
# run the image
docker run -it --rm -p 8080:8080 deroad/fufluns:latest
Or Build from sources
To build a docker image just run
# Build first the image
docker build -t fufluns:latest .
# Run the built image
docker run -it --rm -p 8080:8080 fufluns:latest
Debug
To debug http traffic, you need to define the environment variable 'DEBUG_MODE'.
For example:
DEBUG_MODE=1 ./fufluns.sh
Development
Check the documents here: https://github.com/wargio/fufluns/blob/master/DOCS.md
Note that the project description data, including the texts, logos, images, and/or trademarks,
for each open source project belongs to its rightful owner.
If you wish to add or remove any projects, please contact us at [email protected].