BinderFuzzy
-
The app complies with the inclusion criteria -
The app is not already listed in the repo or issue tracker. -
The original app author has been notified (and supports the inclusion).
https://github.com/ChickenHook/BinderFuzzy
Link to the source code:Link to app in another app store: -
License used: Apache License 2.0
Category: Security
Summary:
An App intended for fuzzing the Binder interface and System Services of Android. You can use this Project in order to find bugs and exploits inside the Binder interface or System Services.
Description:
BinderFuzzy is a fuzzer that can generate binder events in order to pentest system services running on the Android operating system (https://developer.android.com/reference/android/os/Binder, https://source.android.com/devices/architecture/hidl/binder-ipc). You can validate if system services have correct error handling or transfer binder objects / tokens of other services in order to validate if the target system service validates binder arguments.
This Project covers following features:
- Browse managers and binder interfaces.
- Execute Fuzzy tasks
- Configure argument lists for each parameter of the method to fuzz
- Read logs of recent tasks
- Use python3 cli (optional) to execute fuzzer from desktop.
- Define fuzzer script and execute via cli
Enjoy our App!