Inspeckage is a tool developed to offer dynamic analysis of Android applications. With this tool we can better understand what an Android application is doing at runtime.
How it works?
It is a simply application (apk) with an internal HTTP server providing a friendly web interface.
- Requested Permissions
- App Permissions
- Shared Libraries
- Exported Activities and Non Exported Activities
- Exported Content Provider and Non Exported Content Provider
- Exported Services and Non Exported Services
- Exported Broadcast Receiver and Non Exported Broadcast Receiver
- If is Debuggable
- Version, UID and GIDs
Hooks (until now)
With the hooks, we can see what the application is doing in real time.
- Shared Preferences (log and file)
- HTTP (a http proxy tool it is still the best alternative)
- File System
- Miscellaneous (Clipboard, URL.Parse())
With the Xposed is possible do some actions like start a not exported activity!
- Start any activity (exported and non exported)
- Calling any provider (exported and non exported)
- Disable FLAG_SECURE
- SSL uncheck
- Start, close and restart the application
- APK Download
- View the app's directory tree
- Download the app files
- Download the output generated by hooks in text file format
Even with some hooks at HTTP libraries, using an external proxy tool it is still the best alternative to analyze the traffic.
- Add a proxy to the target app
- Enable and disable proxy
- Add entries in the arp table
- Xposed Framework
For bug reports and feature requests, please post them in the GitHub Issues page.
I made a small tutorial on how to get it ready for Inspeckage.
Inspeckage, Xposed for all devices (see above for details)
Source Code: https://github.com/ac-pm/Inspeckage
Xposed Package Name: mobi.acpm.inspeckage
Current Stable Version: 1.4.1
Stable Release Date: 2016-07-19
Last Updated 2017-05-26