Android Tamer – A Walk Through
Are you a Backtrack/Kali freak? Ever thought of having a similar distribution in your arsenal dedicated for Android Security? "Android Tamer" is the solution to fulfill your needs.
What is Android Tamer?
11 courses, 8+ hours of training
Android Tamer is a Linux based distribution developed for Android Security Professionals. This distribution is based on Ubuntu 10.04LTS, which includes various popular tools available for Android Development, Penetration Testing, Malware Analysis, ROM Analysis and Modification, Android Forensics, etc.
This article walks you through various tools available in "Android Tamer" and how they fulfill our real life Android Security needs.
Prerequisites
- Machine with Virtual Box installed
-
RAM: 512Mb (minimum)
Bringing it UP
We can download the latest version of Android Tamer from its official website here (http://www.androidtamer.com). Currently there are two versions available. After downloading, extract the zip file, which gives a VMDK file which can be opened with virtual machines like VMware Workstation or VirtualBox. It is suggested to use this VMDK file in virtual box rather than VMware since it is optimized for Virtual Box. To know more about VMDK files, please visit here. (http://en.wikipedia.org/wiki/VMDK).
Now, open up Virtual Box and create a new virtual machine instance and boot the VMDK file to start running "Android Tamer". It greets us with a brand new window which needs a username and password to login. The default username:password is tamer:android.
Description of Available Tools
"Android Tamer" has several popular tools preinstalled, with the following as its main sections.
- ROM Modding
- Reverse Engineering
- Pen Testing
- Malware Analysis
- Forensics
- Development
- Vulnerable Lab
- Tools
- Rooting
Let's now explore each section and see the existing tool set and how they can be useful.
Reverse Engineering
This section contains the most popular Android Reverse Engineering tools which include dex2jar, JD-GUI, APKTOOL, etc.
APK Analyser is another important tool available in the Reverse Engineering Section. APK Analyser is a powerful framework which allows us to disassemble byte codes, analyze application architecture, perform byte code injections in Android Apps, and the list goes on. This is one of the best tools available to analyze Android apps and comes preinstalled with Android Tamer.
Malware Analysis
This is one of the finest sections, which includes some great automated tools for Android Malware Analysis.
DroidBox is one among them. We can simply go and use DroidBox from its command line by navigating to the directory /Arsenal/Droidbox. In general you may find it difficult to set up DroidBox in your local machine as it has some dependencies to be installed to run the tool. Android Tamer sets everything ready for you.
AndroGuard is another great set of Python tools preinstalled for malware analysis. This is one of the best tools I have seen on the Internet for Android Malware Analysis. After its release, there were a lot of other tools built based on AndroGuard. You can go ahead and see the documentation available at their official link (https://code.google.com/p/androguard/).
Pen Testing
Pen Testing is the right place for you if you are looking for a strong set of tools to audit the security of your Android apps or smartphone.
This contains tools required to audit both "browser based apps" and "native apps".
Tools for testing browser based apps include BurpSuite, w3af, Firefox with all the required plugins, OWASP ZAP, etc.
It comes preinstalled with Mercury Framework, which is one of the best ones available for auditing Android Apps. It basically looks for vulnerabilities in IPC end points of an application.
Android Tamer also contains Smart Phone Pentest Framework by Bulb Security. Smart Phone Pentest Framework has a Metasploit kind of functionality to audit the security of your smartphone.
Development
The Development section is one my favorite sections which allows you to write your POC apps during your pen test. Let's assume you have identified a content provider leakage vulnerability in an application and want to write a malicious app as a Proof of Concept to exploit the identified vulnerability. Tools available in the development section come in handy to fulfill your needs.
It is not recommend for users to use this section for fulltime development, as it eats a lot of memory and the system goes slow.
Eclipse + ADT: Android Tamer contains Eclipse IDE integrated with ADT bundle which enables us to write Android Apps.
DDMS: Dalvik Debug Monitor Service is an excellent solution to do things such as interacting with the file system, controlling the emulator, pulling and pushing files from/to the device or emulator, debugging applications, etc.
Android NDK: Android Native Development Kit enables us to write low level applications in C/C++.
Forensics
Android Tamer consists of some preinstalled digital forensic tools.
AFLogical Open Source Edition: AFLogical is another popular logical data extraction tool made for the Android Platform. It pulls all available MMS, SMS, Contacts, and Call Logs from an Android device and presents the data to the examiner.
Sleuthkit is another command line tool integrated to perform in depth analysis of file systems. This tool also has a Graphical User Interface version named AutoSpy.
Rooting and ROM Modding
If during your pen test or forensics / device assessment you come across a device which is non rooted and you need to root in order to get gain more insight, then the default installation also comes packaged with Android version specific rootkits such as Gingerbreak, ZergRush, psnneuter, etc.
At times it might be required to check for or modify existing ROM's or analyze content on existing ROM backup. In such scenarios, DSIXDA Kitchen is provided, which adds ROM modding capabilities to the system.
In order to flash these customized packages back into the device, we need flashing utilities like fastboot, Flashtools, heimadal, etc as flashing tools.
It is also combined with some common tools like QT-ADB, which acts as a filemanager kind of utility for devices utilizing the ADB interface.
Final Words
11 courses, 8+ hours of training
If you are looking for a framework for your all your Android security needs, Android Tamer could be one of the best tools that you can look into.
Learn how to secure systems with 11 courses from Infosec Skills instructor and #1 best-selling author Ted Harrington.
- Hack your system
- Establish your threat model
- Spend wisely
- And more
In this Series
- Android Tamer – A Walk Through
- DevSecOps: Moving from “shift left” to “born left”
- What’s new in the OWASP Top 10 for 2023?
- DevSecOps: Continuous Integration Continuous Delivery (CI-CD) tools
- Introduction to DevSecOps and its evolution and statistics
- MongoDB (part 3): How to secure data
- MongoDB (part 2): How to manage data using CRUD operations
- MongoDB (part 1): How to design a schemaless, NoSQL database
- Understanding the DevSecOps Pipeline
- API Security: How to take a layered approach to protect your data
- How to find the perfect security partner for your company
- Security gives your company a competitive advantage
- 3 major flaws of the black-box approach to security testing
- Can bug bounty programs replace dedicated security testing?
- The 7 steps of ethical hacking
- Laravel authorization best practices and tips
- Learn how to do application security right in your organization
- How to use authorization in Laravel: Gates, policies, roles and permissions
- Is your company testing security often enough?
- Authentication vs. authorization: Which one should you use, and when?
- Why your company should prioritize security vulnerabilities by severity
- There’s no such thing as “done” with application security
- Understanding hackers: The insider threat
- Understanding hackers: The 5 primary types of external attackers
- Want to improve the security of your application? Think like a hacker
- 5 problems with securing applications
- Why you should build security into your system, rather than bolt it on
- Why a skills shortage is one of the biggest security challenges for companies
- How should your company think about investing in security?
- How to carry out a watering hole attack: Examples and video walkthrough
- How cross-site scripting attacks work: Examples and video walkthrough
- How SQL injection attacks work: Examples and video walkthrough
- Securing the Kubernetes cluster
- How to run a software composition analysis tool
- How to run a SAST (static application security test): tips & tools
- How to run an interactive application security test (IAST): Tips & tools
- How to run a dynamic application security test (DAST): Tips & tools
- Introduction to Kubernetes security
- Key findings from ESG’s Modern Application Development Security report
- Microsoft’s Project OneFuzz Framework with Azure: Overview and concerns
- Software maturity models for AppSec initiatives
- Best free and open source SQL injection tools [updated 2021]
- Pysa 101: Overview of Facebook’s open-source Python code analysis tool
- Improving web application security with purple teams
- Open-source application security flaws: What you should know and how to spot them
- Android app security: Over 12,000 popular Android apps contain undocumented backdoors
- 13 common web app vulnerabilities not included in the OWASP Top 10
- Fuzzing, security testing and tips for a career in AppSec
- 14 best open-source web application vulnerability scanners [updated for 2020]
- 6 ways to address the OWASP top 10 vulnerabilities
- Ways to protect your mobile applications against hacking
Get certified and advance your career
- Exam Pass Guarantee
- Live instruction
- CompTIA, ISACA, (ISC)², Cisco, Microsoft and more!
Application security
Application security
Application security
DevSecOps: Continuous Integration Continuous Delivery (CI-CD) tools
Application security