Mercury Framework Android Vulnerability Assessment

Mercury is a framework for exploring the Android platform to find vulnerability and share proof-of-concept exploits. Mercury allows you to assume the role of a low-privileged Android app, and to interact with both other apps and the system. Use dynamic analysis on Android applications and devices for quicker vulnerability assessments. Share publicly known methods of exploitation on Android and proof-of-concept exploits for applications and devices. Write custom tests and exploits, using the easy extensions interface. Mercury does all of this over the network: it does not require ADB.
Mercury framework android vulnerability assessment features :
- Interact with the 4 IPC endpoints : activities, broadcast receivers, content providers and services.
- Use a proper shell that allows you to play with the underlying linux OS from the point of view of an unprivileged application (you will be amazed at how much you can still see).
- Find information on installed packages with optional search filters to allow for better control.
- Built-in commands that can check application attack vectors on installed applications.
- Transfer files between the Android device and your computer.
- Create new modules to exploit your latest finding on Android, and playing with those that others have found.
Download Mercury Framework Android Vulnerability Assessment