Jens Klingenberg

Android Penetration Testing with QARK

Posted on August 27, 2016  •  1 minutes  • 163 words
Table of contents

In this post i want to show you how you can check your app against common security vulnerabilities with QARK (Quick Android Review Kit)

What is QARK?

QARK is a open source tool created by LinkedIn. You can use it to check your app against common security vulnerabilities.
Quick Android Review Kit - This tool is designed to look for several security related Android application vulnerabilities, either in source code or packaged APKs. The tool is also capable of creating "Proof-of-Concept" deployable APKs and/or ADB commands, capable of exploiting many of the vulnerabilities it finds.

# How to use it? * 1)Download the project from GitHub * 2)Start QARK
sudo python qark.py

QARK Starmenu QARK Startmenu

You can choose to analyse an APK or your existing source code. QARK will generate a report file in “report” folder.

This is the report that QARK generates for the Apk This is the report that QARK generates for the Apk

The report file will give you information about potential vulnerabilities and what you should do to fix them.

Let's connect: