Even though several other mobile application analysis tools have been developed, there is no single tool that can be used for both Android and iOS and can be called a “standard” must-use on every mobile application assessment.
The idea behind Scrounger is to make a Metasploit-like tool that will not do a pentester’s work, but will help the pentester during an assessment by executing the mundane tasks that need to be performed on all assessments.
Scrounger is a modular tool designed to perform the routine tasks required during a mobile application security assessment. Scrounger conveniently brings together both major mobile operating systems – Android and iOS – into a single tool, in a way that is easy to use, well documented, and easily extensible.
Scrounger consists of a number of modules built on top of a strong core. The rationale is to allow easy extensibility, just like Metasploit does. As a result, if you want Scrounger to perform additional checks, you can simply add a new module that can then be executed either through Scrounger’s interactive console or its command line interfaces.
Furthermore, it contains both Android and iOS modules, so instead of using multiple tools during a mobile application assessment, you can use only one tool and learn only one set of commands that works for both operating systems.
Scrounger already comes bundled with several modules that perform checks against mobile applications.
The main features Scrounger offers that others don’t:
- Works with Android and iOS
- Metasploit-like console and modules
- Offers a variety of modules that can be run to give the pentester a starting point
- Easily extendable
For Android Modules
- java (http://www.oracle.com/technetwork/java/javase/downloads/index.html)
- jd-cli (https://github.com/kwart/jd-cmd)
- apktool (https://ibotpeaches.github.io/Apktool/)
- d2j-dex2jar (https://github.com/pxb1988/dex2jar)
- adb (https://developer.android.com/studio/releases/platform-tools)
- Other (Optional):
  - avdmanager (https://developer.android.com/studio/#downloads)
For iOS Modules
- jtool (Linux) (http://www.newosxbook.com/tools/jtool.html)
- otool (MacOS) (https://developer.apple.com/xcode/)
- ldid (https://github.com/daeken/ldid.git)
- iproxy (Package: libimobiledevice)
- lsusb (Package: usbutils)
- Bundled Binaries:
- Cydia Karen’s Repository (https://cydia.angelxwind.net) (Optional):
  - AppSync Unified (Package: net.angelxwind.appsyncunified)
  - appinst (Package: com.linusyang.appinst)
- Other (Optional):
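
A preflight check for the host-side tools listed above, so a missing dependency is caught before a module fails partway through an assessment. This is an added example, not part of Scrounger; the function names are hypothetical, and it assumes each tool is on `PATH` under exactly the name used in the lists.

```shell
#!/bin/sh
# Added example (not Scrounger code): verify the external tools the
# Android and iOS modules rely on are installed on the assessment host.
# Assumption: binaries are on PATH under the names used in the lists above.

ANDROID_TOOLS="java jd-cli apktool d2j-dex2jar adb"
IOS_TOOLS_COMMON="ldid iproxy lsusb"

# ios_tools [os]: print the iOS tool list for a `uname -s` value.
# The lists above name otool for MacOS and jtool for Linux.
ios_tools() {
    os="${1:-$(uname -s)}"
    case "$os" in
        Darwin) echo "otool $IOS_TOOLS_COMMON" ;;
        *)      echo "jtool $IOS_TOOLS_COMMON" ;;
    esac
}

# missing_tools tool...: print the names not found on PATH, space separated.
missing_tools() {
    missing=""
    for tool in "$@"; do
        command -v "$tool" >/dev/null 2>&1 || missing="${missing:+$missing }$tool"
    done
    echo "$missing"
}

# preflight android|ios [os]: return 0 only when every required tool exists.
preflight() {
    case "$1" in
        android) set -- $ANDROID_TOOLS ;;
        ios)     set -- $(ios_tools "$2") ;;
        *)       echo "usage: preflight android|ios [os]" >&2; return 2 ;;
    esac
    m=$(missing_tools "$@")
    [ -z "$m" ] && return 0
    echo "missing: $m" >&2
    return 1
}
```

Source the file and run `preflight android` or `preflight ios` before starting a session; a non-zero status means at least one listed tool was not found.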