Yaazhini – Android APK & API Vulnerability Scanner

What is Yaazhini?

Yaazhini is a vulnerability scanner for Android application APKs and REST APIs. Users can easily scan any APK and API of an Android application and find the vulnerabilities.

Refer to the link to download Yaazhini for Mac and Windows.

It has two modules:

  1. APK Scanner
  2. API Scanner

1. Yaazhini APK Scanner

In the APK scanner, the user enters the Project/App name, uploads the .apk file and clicks the Upload & Scan button. When the scan completes, the user is redirected to the main page, where the details are shown. The scanner automatically scans the APK file and displays all the vulnerabilities found in it. After that, the user can generate the report.

How to generate a report:

  1. Right-click on the project.
  2. Click on Generate Report.
  3. Save the report at your preferred location.

After the scan completes successfully, the user can see the following:

  1. The details of the vulnerabilities.
  2. The source code, which can also be downloaded.
  3. The linked URLs, libraries, permissions with descriptions, activities, receivers and services.
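
To cross-check the permissions, activities, receivers and services listed in a scan report, the same inventory can be read from the app's decoded AndroidManifest.xml. The following is an added example, not Yaazhini's code; the sample manifest and the `inventory` and `review_notes` helpers are constructed for illustration and assume the manifest has already been decoded to text XML.

```python
import xml.etree.ElementTree as ET

# Attribute namespace used by android:* attributes in a decoded manifest.
A = "{http://schemas.android.com/apk/res/android}"

# Constructed sample manifest (hypothetical app, not taken from any real APK).
SAMPLE_MANIFEST = """<manifest
    xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.demo">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.READ_SMS"/>
  <application android:debuggable="true">
    <activity android:name=".MainActivity">
      <intent-filter>
        <action android:name="android.intent.action.MAIN"/>
      </intent-filter>
    </activity>
    <activity android:name=".SettingsActivity" android:exported="false"/>
    <receiver android:name=".BootReceiver" android:exported="true"/>
    <service android:name=".SyncService"/>
  </application>
</manifest>"""

def inventory(manifest_xml):
    """List permissions and components; each component is (name, exported)."""
    root = ET.fromstring(manifest_xml)
    inv = {"permissions": [p.get(A + "name") for p in root.iter("uses-permission")]}
    for kind in ("activity", "receiver", "service"):
        inv[kind] = []
        for comp in root.iter(kind):
            flag = comp.get(A + "exported")
            # With no explicit flag, an intent-filter makes the component
            # exported by default on apps targeting below Android 12.
            exported = (flag == "true") if flag is not None \
                else comp.find("intent-filter") is not None
            inv[kind].append((comp.get(A + "name"), exported))
    app = root.find("application")
    inv["debuggable"] = app is not None and app.get(A + "debuggable") == "true"
    return inv

def review_notes(inv):
    """Turn the inventory into items worth checking against a scan report."""
    notes = ["application is debuggable"] if inv["debuggable"] else []
    for kind in ("activity", "receiver", "service"):
        notes += [f"exported {kind}: {name}" for name, exp in inv[kind] if exp]
    return notes

if __name__ == "__main__":
    for note in review_notes(inventory(SAMPLE_MANIFEST)):
        print(note)
```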

2. Yaazhini API Scanner

The Yaazhini REST API scanner is an automated tool that scans for and detects vulnerabilities in REST APIs.

Steps to run the REST API scanner:

  1. Select the device type:
    1. Android Emulator
    2. Android Device
  2. Enter the IP address and port number.
  3. Set the proxy in the Android device or emulator.
  4. Click the Next button.
  5. Now traverse the application.
  6. On the right side, a node will appear with all the APIs. After the scan completes, it shows all the vulnerabilities with their details.

How to generate a report:

  1. Right-click on the project.
  2. Click on Generate Report.
  3. Save the report at your preferred location.
