Fino Android Security Assessment Tool

android_logo

Security assessment tools have several ways for conducting the technical analyses. Fino is another program that you can use to run dynamic analyses for Android based application. The tool allows injecting services in the application for controlling and monitoring the change.

The android application we want to verify will be running in emulator that is called gadget or what we call usually a sandbox and dynamically verify all changes on the system. Next it is possible to run python scripts to get or modify the services.

You may get all target activities by running “activities =app.find(‘android.app.Activity’)“  the idea of monitoring services with the injection can make you monitor the application from inside and you will have details about the android application with more accurate results.

2237_SmallFootprintInspectionAndroid-slidesFino design in the slide deck the full pdf file over here: http://events.ccc.de/congress/2012/Fahrplan/attachments/2237_SmallFootprintInspectionAndroid-slides.pdf

You can download Fino on the following link: https://github.com/sysdream/fino

Share