Shulou(Shulou.com)05/31 Report--

How to use Yaazhini to scan Android APKAPI for security vulnerabilities, this article introduces the corresponding analysis and answers in detail, hoping to help more partners who want to solve this problem to find a more simple and easy way.

Yaazhini is a free vulnerability scanning tool for Android APK and API, this tool provides a user-friendly interface, the majority of mobile security researchers can easily scan the APK files and API interfaces of any Android application with the help of Yaazhini, and Yaazhini will also provide you with very rich scan results.

Tool download

Windows version: [click me to download] (98.7MB)

MacOS version: [click me to download] (75.8MB)

System requirements

Operating system: macOS (64 bit), Windows (64 bit & 32 bit)

Running memory: the minimum running memory is 4GB, and the recommended running memory is 16GB (for large Android projects)

Disk space: 10GB disk space

Dependent components: Java 1.8 +

Advantages of Yaazhini

1. Scan Android APK files with one button

2. Support scanning Android application REST API (simulator or physical device)

3. Generate formatted scan report

4. Free use

5. Easy to operate and friendly interface

Yaazhini-Android Application APK scan

APK scan function demonstration:

Steps to use:

1. Open the Yaazhini application

2. Enter the project name

3. Upload APK files to be scanned

4. Click the Upload & Scan button.

5. After the scan is completed, we will view the vulnerability scan detailed report.

Yaazhini-Android Application REST API scan

The REST API scan feature of the Yaazhini-Android-side application can help us identify and identify the following forms of attack:

1. SQL injection

2. Command injection

3. Header injection

4. Cross-site scripting XSS

5. Security Header is missing

6. Respond to the disclosure of sensitive information in Header

7. Disclosure of sensitive information in error messages

8. Missing server-side input verification

9. Prohibited HTTP method

10. Incorrect HTTP response, etc.

Demonstration of the use of REST API scanning function in Yaazhini-Android applications:

Demo video

Steps to use:

1. Open the application

2. Test the mobile devices

3. Create a new project

4. Add a new request to the created project

5. Provide correct Header, URL and other data

6. Save and run the scan

7. When the scan is complete, click generate report

This is the answer to the question on how to use Yaazhini to scan Android APKAPI for security vulnerabilities. I hope the above content can be of some help to you. If you still have a lot of doubts to be solved, you can follow the industry information channel for more related knowledge.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.