Androick是一个python工具,可帮助在android上进行取证分析。输入软件包名称,一些选项,程序将自动下载apk,数据,文件权限,清单,数据库和日志。它易于使用,避免了所有重复性任务!
安装
只需克隆此git存储库
Python
python >= 2.6
Python-magic
开发包
aapt
adb
hprof-conv
其他
a rooted device
sqlite3
使用
1) show help message
./androick.py -h
2) show informations
./androick.py -a
3) select device to use
./androick.py -D serial_number PACKAGE_NAME_1 PACKAGE_NAME_2 ETC…
./androick.py –device serial_number PACKAGE_NAME_1 PACKAGE_NAME_2 ETC…
4) find package name
./androick.py [-v] -f <Part of package name>
5) download all related things of application
./androick.py [-v] -A PACKAGE_NAME_1 PACKAGE_NAME_2 ETC…
6) select only things you want extract
./androick.py [-v] [-d –datas] [-s –sql] [-m –manifest] [-p –permissions] [-m –memory-dump] [-l –logs] [–keyLogs=”keywords”] PACKAGE_NAME_1 PACKAGE_NAME_2 ETC…
7) how to use option –keyLogs
–keyLogs=”key1,key2,key3″
if more than one package
–keyLogs=”key1_P1,key2_P1|key1_P2|key1_P3,key2_P3,key3_P3″
Example :
./androick.py -l –keyLogs=”antivirus,protection|music,licence” com.package.antivirus com.music.player
/! The memory dump option will mostly not works with production builds
文章来源及下载:
https://github.com/Flo354/Androick
暂无评论内容