This tool analyzes Android app to find vulnerabilities in
- AndroidManifest.xml
- network_security_config.xml
- Firebase URLs from strings.xml.
This tool also shows Deeplinks used in Android app.
JDK and Python3 are required.
How to Install:
cd ScanAndroidXML
pip install -r requirements.txt
How to Run:
Move apk file into SacnAndroidXML directory
python ScanAndroidXml.py <apk file>
This will print the results in terminal and generate results in html file.
Sample Results:
