Ethical Hacking Tutorials

Ethical Hacking Tutorials, Tips and Tricks

Scrounger – Mobile Application Testing Toolkit


The idea behind Scrounger is to make a metasploit-like tool that will not do a pentesters work but help the pentester on his assessment by executing mundane tasks that need to be performed on all assessments.

Scrounger is a modular tool designed to perform the routine tasks required during a mobile application security assessment.  Scrounger conveniently brings together both major mobile operating systems – Android and iOS – into a single tool, in a way that is easy use, well documented, and easily extensible.

Scrounger consists on a number of modules that were built on top of a strong core. The rationale is to allow easy extensibility, just like Metasploit does. As a result, if you want Scrounger to perform additional checks, you can simply add a new module that can then be executed either through Scrounger’s interactive console or its command line interfaces.

Furthermore, it contains both Android and iOS modules, so, instead of using multiple tools to help you during a mobile application assessment, Scrounger offers you the possibility to use only one tool and learn only one set of commands, that will work for both operating systems.

Scrounger already comes bundled with several modules that can be run to perform several checks against mobile applications.

 

The Difference

The main features Scrounger offers that others don’t:

  • Works with Android and iOS
  • Metasploit-like console and modules
  • Offers a variaty of modules that can be run to give the pentester a starting point
  • Easily extendable

 

 

Required Binaries


For Android Modules

 

For iOS Modules

 

iOS Binaries

  • Bundled Binaries:
    • clutch
    • dump_backup_flag
    • dump_file_protection
    • dump_keychain
    • dump_log
    • listapps
  • Cydia Karen’s Repository (https://cydia.angelxwind.net) (Optional):
    • AppSync Unified (Package: net.angelxwind.appsyncunified)
    • appinst (Package: com.linusyang.appinst)
  • Other (Optional):

 

Mobile Application Testing Toolkit: Scrounger Download

Updated: September 6, 2018 — 1:38 am

Leave a Reply

Your email address will not be published. Required fields are marked *

Ethical Hacking Tutorials © 2018
Skip to toolbar