Drozer - A Framework for Android Application Security Assessment.
1. Introduction 1.1 This document explains how to get started with Drozer, and how to use it to perform a security assessment of an android application. 1.1. Drozer Drozer is a python based comprehensive security audit and attack framework for Android. It is an open-source framework, used for android pen-testing. It works like a client-server model and makes use of Android’s Inter-Process Communication (IPC) mechanism to interact with the underlying operating system of the device. IPC is a mechanism by which different components of android like intents and data binders communicate with each other so that the communication is established between the apps present in the android device. Drozer helps to remotely exploit android devices with predefined and custom modules that exploit known vulnerabilities. 1.2. Conventions used Throughout this document, command-line examples will use one of two prefixes: dz> indicates that the command shou