THIS REPOSITORY IS DEPRECATED.
ALL OF ITS CONTENT HAS BEEN UPDATED AND MOVED TO mobile-pentest-toolkit
The mobile pentest toolkit (MPT) was presented on conference OWASP Bucharest AppSec 2018.
pip3 install -r requirements.txt
:warning: You need to install Oh My ZSH
cp -r mpt/mpt-zsh-plugin/ ~/.oh-my-zsh/plugins/mpt
Enable MPT plugin in .zshrc
by adding the fooling line plugins=(mpt)
1) Setup pentest environment and install required tools
mpt --install tools
2) Prepare pentest device
mpt --install apps
3) Setup a new pentest project
mpt --setup <apk-file>
mpt.py <command> [options]
--adb-run -- start adb server
--backup -- [package-name] backup an android application
--config -- show current pentest config
--drozer -- run drozer application
--frida -- run frida server on the device
--help -- show print message and exit
--inspeckage -- open Inspeckage web interface
--install -- install required packages [tools|apps]
--list-packages -- show all installed packages (use option all to di
--mobile-sec-framework -- run Mobile Security Framework (MobSF)
--pidcat -- [package-name] show colored logcat for a specific
--root-detection -- [package-name]disable root detection (<package na
--setup -- [APK] setup pentest environment
--source -- start java decompiler for source code analysis
--ssl-pinning -- [package-name]disable SSL pinning (<package name>