OWASP / owasp-mastg

The Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes the technical processes for verifying the controls listed in the OWASP Mobile Application Security Verification Standard (MASVS).
https://mas.owasp.org/
Creative Commons Attribution Share Alike 4.0 International
11.44k stars 2.26k forks

[tool] Add Drozer to Android Testing Guide back #2598

Open andreysanyuk opened 3 months ago

andreysanyuk commented 3 months ago

Recently a new version of Drozer has been released: Drozer 3.0.0. It supports Python 3 and modern Java per their release notes: Compatibility with Python 3 and modern Java.

So it makes sense to bring it back to the guide since it is more convenient for the security testing than ADB.

cpholguera commented 3 months ago

Very interesting, thank you @andreysanyuk!

cyberMilosz commented 3 months ago

Hello from the drozer team!

Worth noting that drozer is still included in MASTG as MASTG-TOOL-0015 (those numeric references are not so great for quick checks) - as far as I know it was never removed.

The current writeup only needs modest adjustments - mostly to remove old articles on installation and the 2015 user manual PDF, and perhaps to provide some practical advice on actually using the tool.

I was planning to propose my own adjustments in a few weeks, once we've ironed out some final kinks. Happy to work on this if you'd like.

anantshri commented 3 months ago

@cyberMilosz I think it just started https://github.com/OWASP/owasp-mastg/pull/1904/files

cyberMilosz commented 3 months ago

@cyberMilosz I think it just started https://github.com/OWASP/owasp-mastg/pull/1904/files

Ah, I've missed that! Yeah, it would be a shame to lose useful content - even the old version of drozer was perfectly usable with a docker container.

cpholguera commented 3 months ago

@cyberMilosz would you like to update the current page? That'd be very helpful. I can assign the issue to you.

https://mas.owasp.org/MASTG/tools/android/MASTG-TOOL-0015/

cyberMilosz commented 3 months ago

@cpholguera Happy to!

cpholguera commented 3 months ago

Thanks @cyberMilosz, it's yours!

cyberMilosz commented 2 months ago

Hey @cpholguera - we've completed the first part of this: adjusting the MASTG-TOOL page. #2614

If you're happy for us to continue, we'd like to go over the changes highlighted by @andreysanyuk and @anantshri and see if we can restore some of the old instructions where they make sense (i.e., where the current recommendations are heavy on adb/aapt or significantly less convenient than the drozer approach).