Moblizer helps you do static analysis of any android application or .apk file. As it is a very premature tool we have included very limited functionality such as information disclosure automation from the source code of the .apk file. And there are certain limitations but still we are useing it in our daily pentesting projects and it helped us saving lots of time and decreases our effort. Hope it will help you also.
We can use this script in any windows or *nix system.
- apk tool installed in your system.
- python 2.x installed.
- Download moblizer.py
- Copy your .apk file to the same place where your moblizer exist.
- Run moblizer.py using commandline. Then it will ask you to provide your apk file name.
- Just provide your apk file name. The full name such as test.apk.
- It will fetch all the codes which contains any sensitive keyword such as email, ip, username etc and put it in logfile.log where you can analyze all those.
- It also provides you Manifest permission details in the logfile itself.