The Android Device Testing Framework (dtf
) is a data collection and analysis framework to help individuals search for vulnerabilities on mobile devices. dtf
is not a:
- Vulnerability scanner or explitation framework for mobile devices
- An application assessment tool
- A "turn your phone into a hacking device" tool
Instead, dtf
aims to allow testers to obtain information from their Android device, process this information into databases, and then start searching for vulnerabilities (all without requiring root privileges). These modules help you focus on changes made to AOSP components such as applications, frameworks, system services, as well as lower-level components such as binaries, libraries, and device drivers. In addition, you'll be able to analyze new functionality implemented by the OEMs and other parties to find vulnerabilities.
- 30+ modules for collecting, processing, and interacting with a device
- Builtin API for interfacing with your target device
- Python and shell bindings for creating modules
- Per-project property sub-system and logging/auditing
- Bundled versions of numerous Android tools (think apktool/smali/dex2jar)
dtf
is offically supported on Ubuntu, particularly versions 14 through 16. At this time there is no support for Windows or OS X.
The only manual installation requirement for dtf
is the Android SDK (dtf
relies on the adb
utility). It is recommended that you install Android Studio, and add adb
to your $PATH
.
To install dtf
on Ubuntu (or update the framework), run the following commands:
$ curl -sSL thecobraden.com/getdtf > install.sh
$ chmod u+x install.sh
$ ./install.sh
If you're one of those people who doesn't trust the whole curl|bash
model, just download the script from the GitHub page.
During installation, dtf
will automatically configure itself to pull from the stable feed of core content. It is a good idea to routinely run the following command to ensure dtf
remains up-to-date:
$ dtf pm upgrade
If you previously installed dtf
version 1.3.0, you can use the uninstall script to ensure there are no conflicts:
$ sudo ./uninstall_1_3.sh
Note that dtf
version 1.3.1 does not require any changes to a user's $PATH
, so you should remove any $PATH
changes related to dtf
.
Before using dtf
, you'll need to enable USB debugging on your target device. If you're unsure of what this is, dtf
is probably not the tool for you. Once it's enabled, update all Play applications, and connect the device to your PC. Assuming adb
sees your device, we can create our project with the init
built-in command:
$ mkdir MyProject
$ cd MyProject
$ dtf init
From here, you'll want to read up on each of the many modules that dtf
supports. See the project Wiki for additional details on using dtf
.
dtf
is licensed under the Apache License, Version 2.0, but contains additional code from other projects. Check the NOTICE file for additional projects and licensing.
If you're interested in building your own instance of dtf
, you'll need a couple of dependences:
$ sudo apt-get install lintian python2.7 openjdk-8-jdk python-pip devscripts shellcheck
$ sudo pip install flake8 pylint pytest pytest-runner wheel
You can now build the project, which is currently limited to Debian '.deb' packages. To build dtf
, run the following command from the project root:
$ ./gradlew clean useDebugApk makeDeb
The dtf
man
pages are a great place to start. The man
pages for dtf-module(7)
, dtf-binary(7)
, dtf-library(7)
and dtf-package(7)
will provide additional insight on the structure of dtf
content. If you're creating a module, it's a good idea to ensure that it passes all the checks with the dtf_check
utility. More information can be found in the man
pages for dtf-check(1)
. To check your new module:
$ dtf_check -sa my_cool_module
Please use the project's GitHub issue tracker for reporting bugs. For bugs related to a specific module, please use the issue tracker for that particular git repo.