Vehicle Security Toolkit

Automotive/Android/Firmware/Code Security Testing Tool Set

• Vehicle-Security-Toolkit
  • Install
    • init_local.sh
    • init_remote.sh
  • Firmware Extraction
    • img-extract.sh
    • adb-extract.sh
  • APK Testing
    • apk-allinone.py
  • Binary testing
    • bin-allinone.py
  • Source code testing
    • src-allinone_java.py
    • src-allinone_c.py
  • System testing
  • Vulnerability testing
  • Privacy Compliance Testing
  • APK Fuzz Test
  • Frida Test Script
  • Other tools
  • Follow us

A full installation on Ubuntu 20.04 (Python 3.8 and above) can take several hours. If you are worried about destroying the local environment, you can use a virtual machine. Please see dev for details.

Install the Android SDK on a local Linux device and execute init_local.sh .

$ sudo snap install android-studio --classic  # 完成后打开android-studio进行设置

$ git clone https://github.com/firmianay/Vehicle-Security-Toolkit.git
$ cd Vehicle-Security-Toolkit && ./init_local.sh

Connect ADB to the remote Android device and execute init_remote.sh :

$ ./init_remote.sh [android | linux] [adb | ssh ip:port]

Note: Scrcpy screen projection can be used when Android devices have only boards and no screens.

Download the fastboot.zip package, unzip it and remove super.img from the images directory.

Extract firmware from Android ROM with one click.

$ ./img-extract.sh [super.img | fastboot.zip]

Extract firmware from Android devices with one click.

$ ./adb-extract.sh
******************* adb-extract.sh ********************
    1. Collect basic information, init and selinux
    2. Execute live commands
    3. Execute package manager commands
    4. Execute bugreport, dumpsys, appops
    5. Acquire /system folder
    6. Acquire /sdcard folder
    7. Extract APK files
    8. Extract data from content providers
    9. Extract databases and keys
    10. Extract compressed and bin files
    11. Acquire an ADB Backup
    12. Do all of the above
Choose an option: 

One-stop call to all APK tools for single or batch scans. The tools in the apk_scan directory are called as libraries and can also be used independently.

$ docker run -it --rm -p 8000:8000 opensecurity/mobile-security-framework-mobsf
$ docker-compose -f ./tools/mobileAudit-main/docker-compose.yaml up

$ find ~ /apks -name " *.apk " | xargs realpath > ./data/apk.list
$ python3 apk-allinone.py --config ./data/apk.list --decompile

One-stop call to all binary tools for single or batch scans. The tools in the bin_scan directory are called as libraries and can also be used independently.

$ find ~ /apks -type f | xargs file | grep " ELF " | cut -d " : " -f 1 | xargs realpath > ./data/bin.list
$ python3 bin-allinone.py --config ./data/bin.list

One-stop call to all Java/Android source code tools for single or batch scanning. The tools in the src_scan directory are called as libraries and can also be used independently.

$ readlink -f ~ /hmi/apps/ * > ./data/src.list
$ python3 src-allinone_java.py --config ./data/src.list --build_config ./demo/build_config.json --build

One-stop call all C/Cpp source code tools for batch scanning.

$ python3 src-allinone_c.py --src ~ /source

One-stop scans Android kernel configuration, secure boot, SELinux, etc.

$ python3 sys-allinone.py --sys ~ /source

One-stop vulnerability scans for Android/Linux devices. The tools in the cve_scan directory are called as libraries and can also be used independently.

$ python3 cve_allinone.py --arch [x64 | arm | aarch64] --connect [adb | ssh] --device ip:port

Android App Privacy Compliance Test.

$ python3 tools/camille-master/camille.py -ns -t 3 -f demo.xls

Fuzz tool based on drozer implementation. apk_fuzz

Frida

Other tools

VulnTotal Security is committed to sharing high-quality original articles and open source tools, including IoT/automatic security, mobile security, cyber attack and defense, etc.

GNU General Public License v3.0