dscanner - Drozer based post-build dynamic vulnerability scanner command

* New command `dscanner`, enables one to scan signed APKs with Drozer * Drozer is a dynamic vulnerability scanner for Android * Drozer runs in a emulator or on-device, this new `dscanner` command... * starts a docker image with Drozer and the Android Emulator pre-installed, * loads the signed APK into the emulator * activates Drozer automated tests for the APK * gathers the report output and places it next to the original APK * The Drozer docker image can be: * cached locally for re-use (just don't run --clean*) * retrieved from dockerhub.com for more efficient runtime * or be built from scratch (in the new "./docker" directory) * New "Vulnerability Scanning" documentation section (run gendocs.sh)
2025-11-04 06:30:27 +03:00 · 2016-12-06 13:57:04 +01:00 · 2016-12-06 13:57:04 +01:00 · df27bae6a0
commit df27bae6a0
parent f439266303
13 changed files with 1063 additions and 1 deletions
--- a/1
+++ b/1
@ -38,6 +38,7 @@ commands = {
    "rewritemeta": "Rewrite all the metadata files",
    "lint": "Warn about possible metadata errors",
    "scanner": "Scan the source code of a package",
+    "dscanner": "Dynamically scan APKs post build",
    "stats": "Update the stats of the repo",
    "server": "Interact with the repo HTTP server",
    "signindex": "Sign indexes created using update --nosign",