Introduction
We've covered all the Android development basics and introduced all the Android Development Tools. Now it's time to start getting into the Android hacking and security assessment tools.
This chapter introduces you to an exploitation and Android security assessment framework called drozer —formally known as Mercury —developed by some of the people at MWR Labs. Also covered in the chapter is a Debian-based Linux distribution called Santoku , which is basically like BackTrack or Kali Linux of Mobile security assessment. Here we cover setting it up and getting it running.
Before we begin setting up drozer and writing some sample scripts, something that's very important for you to understand is a little about how drozer operates and how it solves some problems in the Android security assessment game.
drozer comes in two parts: one is the "console" that runs on your local machine and the other is the "server", which is basically an application installed on a target Android device. When...
