Today’s world is witnessing a significant increase in the number of smart phone users. Statistics shows that the number of smart phone users in the world has now crossed the magical one billion mark. Android remains the dominant operating system for new smart phones sold in the year 2012, with an overall shipment close to 500 million. This is more than three times larger than its current competitor, Apple’s iOS, which have a total shipment close to 136 million (Mobithinking 2013).
With the increase in the number of smart phones, mobile applications also began to gain its popularity. You think about anything, and there will be an app for that. From simple chatting to complex financial transactions, mobile applications are there to simplify the tasks of users. And we all are more than satisfied with that. With everything simplified to just a touch of fingertip, the security threats imposed by these applications are often left uncounted.
Before using an app, you must also realize the consequences these applications can raise. Android applications can have access to all the personal details, emails, password, your location, and you name it. One rotten app in your device can cause you enough damage.
Our project tries to develop a tool which can be used by the Android application developers to securely develop Android apps and also can help a user to test whether the apps they are using are safe, and to an extend fix some of the apps they are using.
We will try to cover up all the major android application vulnerabilities in the long run. But for now, we are starting with few of them.
What Android Application Vulnerability Scanner Tool has to offer you?
If you are an Android application developer, this tool can offer you the following capabilities
- Scan your Android application for vulnerabilities
- Interactively fix the detected vulnerabilities
- Generate your keystores
- Build your application
- Sign your application and make it ready to upload it to hosting servers
If you are a normal Android user, we have a bunch of offers to you also. As you may be already knowing, you cannot trust the applications you download from the Internet. Our tool helps you alter these applications by disabling some of the permissions it asks for and by fixing some of the vulnerabilities that these applications possess. Have you ever stayed back from installing an application downloaded from Internet because of some of the annoying permissions that those applications asks? Have you ever wanted to install these applications by denying some of the permissions that an application asks? Then you are at the right place. AAVST can do this for you. Here are a list of tasks that AAVST can do for you.
- Make an “APK” ready for editing (Decompile the APK)
- Scan and fix vulnerabilities in the decompiled application
- Disable undesirable permissions requested by the application
- Make the application ready to be installed to your device (Build & Sign the application)
- Generate your certificate (You need this step because only signed applications will run in an Android device. When we decompile an application, its signature is removed, so we need to sign it again before we can install it to some Android device. The tool will help in generating the certificates needed to sign an application as well as sign the application using the generated certificates simplified to couple of keystrokes and mouse clicks.)
To know more about the tool and know how the tool operates, see the following posts.