AndroL4b is an android security virtual machine based on Ubuntu-mate includes the collection of latest framework, tutorials and labs from different security geeks and researchers for reverse engineering and malware analysis.

Tools:

• Radare2: Unix-like reverse engineering framework and commandline tools

• Frida: Inject JavaScript to explore native apps on Windows, macOS, Linux, iOS, Android, and QNX.

• ByteCodeViewer Android APK Reverse Engineering Suite (Decompiler, Editor, Debugger)

• Mobile Security Framework (MobSF) (Android/iOS) Automated Pentesting Framework (Just Static Analysis in this VM)

• Drozer Security Assessment Framework for Android Applications

• APKtool Reverse Engineering Android Apks

• AndroidStudio IDE For Android Application Development

• BurpSuite Assessing Application Security

• Wireshark Network Protocol Analyzer

• MARA Mobile Application Reverse engineering and Analysis Framework

• FindBugs-IDEA Static byte code analysis to look for bugs in Java code

• AndroBugs Framework Android vulnerability scanner that helps developers or hackers find potential security vulnerabilities in Android applications

• Qark Tool to look for several security related Android application vulnerabilities

Labs:

• Damn Insecure and vulnerable App for Android(DIVA) Vulnerable Android Application

• InsecureBankv2 Vulnerable Android Application

• Android Security Sandbox An app showcase of some techniques to improve Android app security

• GoatDroid A fully functional and self-contained training environment for educating developers and testers on Android security

• Sieve: A Password Manager App, showcasing some common Android vulnerabilities.

Download Androl4b Part 1

Download Androl4b Part 2

Download Androl4b Part 1

Download Androl4b Part 2