VectorAttackScanner

This is a tool to analyze android and windows, to detect points to attack, as intents, services, receivers, processes and librarys.

This tool uses a static analysis methods to do this, the vector attack founded by this tool, can be attacked by fuzzing methods to discover vulnerabilities..

More security researchers, bug hunters, exploit writers, malware developers find a problems as unsecure compilation flags, methods/functions exposes, with this tool is more easy, this tool search by you automatically.

It is well known in the world of IT Security, that have been created countermeasures and memory protections to prevent easily create exploits and prevent programmers to write programs that execute arbitrary code, as RELRO, PAX, ASLR, PIE, NX, SSP, StackCanary and others, this tool search this flags to do the job.

For now this tool only check ELF Binary Format, searching RELRO, PAX, PIE, ASLR, NX, RPATH, RUNPATH, StackCanary and FORTIFY SOURCE protections.

Coming soon i publish this app in the Google Play with a free / pay version.

Features about this project:

• Analysis apk and so/elf
• Extract apk and so/elf
• Scanner AIDL (Android Interface Definition Language)
• Analysis ssl pining and man in the middle
• Disassemble resources and sources
• Mapping classes, methods and imports
• Analysis backendless (MBaaS - Mobile Backend As A Service) libs
• Analysis Network traffic
• Analysis crash on classes
• CA certificates extractor, APK embedded certificates and Url certificate catcher.
• Analysis cryptografic API's
• Analysis intent filters
• Analysis file system permissions
• Analysis SH (Shell Scripts)
• Analysis webview xss and injections.
• Crash log view
• Dinamic code injection
• Fuzzing on intents and native libs (SO/ELF)
• Hooking native libs / java libs / JNI libs
• Analysis framework
• Url certificate catcher
• Analisys of reflexing code
• Shellcode detector
• Analysis apps vulnerable to cloning cards
• Scanner unsecure storage
• Hooking passing intents
• Hooking current activity
• Process Log Monitor
• Netstat log
• Detect keystores
• Detect websockets libs
• Detect url burned or hardcoded
• Detect Carding/cloning/ripping libs
• Regex analyzer, where the implements this
• How to Fix This Problem and unsecure practices

Preview: Vector Attack Scanner for Android:

Vector Attack Scanner: new UI:

Vector Attack Scanner: APK analysis:

Vector Attack Scanner: ELF analysis:

2nd International Information Security Conference : The International Information Security Meet “ Hakon’15,  TERRORSTROM- THE RISE OF DIGITAL TERRORISM & WOMEN IN-SECURITY “ is an unique event, where the best brains in information security and leaders in hacking world and the cyber society along with government officials on cyber security meet to join their efforts offensively or defensively to cooperate in addressing the most assessed topics in the field of Information Security. This is the second edition of the conference.

 For more stories Joined us:  Hakon India on Facebook |  Twitter |  Linkedin

Source:  JhetoX