Have you validated the security of the Android apps and devices released by, or used in, your organisation?

drozer is a comprehensive security and attack framework for Android.

With increasing pressure to support mobile working, the ingress of Android into the enterprise is gathering momentum. Have you considered the threat posed by the Android app that supports your business function, or Android devices being used as part of your BYOD strategy?

drozer helps to provide confidence that Android apps and devices being developed by, or deployed across, your organisation do not pose an unacceptable level of risk, by allowing you to interact with the Dalvik VM, other apps’ IPC endpoints and the underlying OS.

drozer provides tools to help you use and share public exploits for Android. For remote exploits, it can generate shellcode to help you to deploy the drozer Agent as a remote administrator tool, with maximum leverage on the device.

Faster Android Security Assessments

drozer helps to reduce the time taken for Android security assessments by automating the tedious and time-consuming tasks.

  • Use flexible, pre-written modules to perform common tasks.
  • Execute dynamic code on a device, to avoid the need to compile and install small test scripts.

Visualise the Attack Surface

drozer pro helps to guide your security assessment, by providing an interactive visualisation of the attack surface.

  • View the attack surface as a graph, showing how Android components are related.
  • Interact with other apps, by sending Intents and Messages and observing the outcome.

Guided Assessment

drozer pro is built on the collected experience of countless Android security assessments. Use our knowledge to help guide your assessment:

  • Find the attack surface through Android’s IPC mechanism automatically.
  • Create both explicit and implicit Intents to invoke other Apps.
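What “finding the attack surface through Android’s IPC mechanism” means in concrete terms, as an added example that is not drozer’s own code: a manifest audit that lists the components other apps can reach, applying Android’s android:exported and intent-filter rules and recording whether a permission gates each entry point. The sample manifest and its com.example.demo package are constructed for illustration.

```python
import xml.etree.ElementTree as ET

A = "{http://schemas.android.com/apk/res/android}"  # android: XML namespace

def attack_surface(manifest_xml):
    """Return components that other apps can reach through Android IPC:
    android:exported="true", or an <intent-filter> with android:exported
    unset (the default before Android 12). android:permission is recorded
    so that unprotected entry points stand out."""
    root = ET.fromstring(manifest_xml)
    pkg = root.get("package")
    surface = []
    for kind in ("activity", "service", "receiver", "provider"):
        for comp in root.find("application").findall(kind):
            exported = comp.get(A + "exported")
            has_filter = comp.find("intent-filter") is not None
            if exported == "true":
                reason = "exported=true"
            elif exported is None and has_filter:
                reason = "intent-filter, exported unset"
            else:
                continue  # private to the app: not on the IPC surface
            name = comp.get(A + "name")
            surface.append({
                "kind": kind,
                "name": pkg + name if name.startswith(".") else name,
                "reason": reason,
                "permission": comp.get(A + "permission"),
                "actions": [a.get(A + "name") for a in comp.iter("action")],
            })
    return surface

# Constructed sample manifest (hypothetical package, not a real app):
SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.demo"><application>
  <activity android:name=".MainActivity"><intent-filter>
    <action android:name="android.intent.action.MAIN"/></intent-filter></activity>
  <activity android:name=".InternalActivity"/>
  <service android:name=".SyncService" android:exported="true"
           android:permission="com.example.demo.permission.SYNC"/>
  <receiver android:name=".BootReceiver"><intent-filter>
    <action android:name="android.intent.action.BOOT_COMPLETED"/></intent-filter></receiver>
  <provider android:name=".DataProvider" android:authorities="com.example.demo.data"
            android:exported="false"/>
</application></manifest>"""

if __name__ == "__main__":
    for c in attack_surface(SAMPLE_MANIFEST):
        print(c["kind"], c["name"], c["reason"], c["permission"] or "NO PERMISSION")
```

Of the five components, only the launcher activity, the permission-gated service and the unprotected boot receiver are reachable from other apps; the receiver is the one an assessor would look at first.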

Android Tools Integration

drozer pro offers seamless integration with the Android Developer Tools.

  • Start Android emulators, provisioned with the drozer Agent and the app you want to investigate.
  • Simulate sensor input, such as GPS, to emulators to test the full attack surface.

More Reasons at a Glance

  • Interact directly with the Android Runtime and Dalvik VM
    drozer does not require USB debugging to be enabled, so you can perform assessments on devices in their production state.
  • Test your Exposure to Public Exploits
    drozer provides point-and-run implementations of many public Android exploits. You can use these to identify vulnerable devices in your organisation, and to understand the risk that these pose.
  • Sharing and Community
    drozer community edition is licensed under BSD terms, allowing you to extend drozer and share your new modules with the community.

drozer is available as both open source software and a full-featured professional version.

Feature                             drozer community edition   drozer pro
Interaction with Apps               X                          X
Exploitation                        X                          X
No Dependency on Developer Tools    X                          X
Automation*                                                    X

* drozer ‘Automation’ is the ability to visualise the attack surface and quickly perform tasks using the full functionality of drozer.

See a full feature list and comparison of the community and pro editions of drozer.

  • drozer can interact with Android system services and other apps on the device, to find information and interact with the system.
  • drozer visualises the attack surface of an app or device, and allows you to interact with it.
  • Perform guided assessment, with drozer showing you how to interact with other apps and services.
  • An SQL Injection vulnerability detected by drozer pro.
  • Simulate input from sensors and the mobile network, when working with emulators, to exercise the full attack surface.
  • drozer uses a lightweight agent on a real Android device to facilitate dynamic analysis.