Skip to main content
Android Security Agent performs comprehensive Android application security testing on Genymotion cloud-hosted rooted ARM64 devices. It adapts its methodology based on what it discovers during testing, going deeper where the evidence warrants it.

What it does

  • Static analysis: decompiles APKs using JADX and apktool to analyze source code, identify hardcoded secrets, and map the application’s attack surface
  • Dynamic testing: installs and exercises the app on a rooted Genymotion cloud device, using LLM-driven navigation to explore app flows breadth-first
  • Frida instrumentation: hooks into the app’s runtime using preset and custom Frida scripts to bypass SSL pinning, intercept method calls, and inspect runtime behavior
  • Network traffic analysis: captures and analyzes traffic using mitmproxy and nuclei to identify insecure communications and API vulnerabilities
  • APK acquisition: downloads APKs via apkeep with mirror fallback when the APK is not provided directly
  • OWASP Mobile Top 10 coverage: tests systematically against the OWASP Mobile Top 10 for Android

How it fits in

Android Security Agent is invoked for tasks that include an APK, a Play Store link, or an explicit Android testing objective. It runs the full mobile assessment lifecycle from static analysis through dynamic instrumentation.