FuzzingLabs
diff --git a/‎backend/toolbox/modules/android/__init__.py‎
Lines changed: 25 additions & 0 deletions b/‎backend/toolbox/modules/android/__init__.py‎
Lines changed: 25 additions & 0 deletions
diff --git a/‎backend/toolbox/modules/android/custom_rules/clipboard-sensitive-data.yaml‎
Lines changed: 15 additions & 0 deletions b/‎backend/toolbox/modules/android/custom_rules/clipboard-sensitive-data.yaml‎
Lines changed: 15 additions & 0 deletions
diff --git a/‎backend/toolbox/modules/android/custom_rules/hardcoded-secrets.yaml‎
Lines changed: 23 additions & 0 deletions b/‎backend/toolbox/modules/android/custom_rules/hardcoded-secrets.yaml‎
Lines changed: 23 additions & 0 deletions
diff --git a/‎backend/toolbox/modules/android/custom_rules/insecure-data-storage.yaml‎
Lines changed: 18 additions & 0 deletions b/‎backend/toolbox/modules/android/custom_rules/insecure-data-storage.yaml‎
Lines changed: 18 additions & 0 deletions
diff --git a/‎backend/toolbox/modules/android/custom_rules/insecure-deeplink.yaml‎
Lines changed: 16 additions & 0 deletions b/‎backend/toolbox/modules/android/custom_rules/insecure-deeplink.yaml‎
Lines changed: 16 additions & 0 deletions
diff --git a/‎backend/toolbox/modules/android/custom_rules/insecure-logging.yaml‎
Lines changed: 21 additions & 0 deletions b/‎backend/toolbox/modules/android/custom_rules/insecure-logging.yaml‎
Lines changed: 21 additions & 0 deletions
diff --git a/‎backend/toolbox/modules/android/custom_rules/intent-redirection.yaml‎
Lines changed: 15 additions & 0 deletions b/‎backend/toolbox/modules/android/custom_rules/intent-redirection.yaml‎
Lines changed: 15 additions & 0 deletions
diff --git a/‎backend/toolbox/modules/android/custom_rules/sensitive_data_sharedPreferences.yaml‎
Lines changed: 18 additions & 0 deletions b/‎backend/toolbox/modules/android/custom_rules/sensitive_data_sharedPreferences.yaml‎
Lines changed: 18 additions & 0 deletions
diff --git a/‎backend/toolbox/modules/android/custom_rules/sqlite-injection.yaml‎
Lines changed: 21 additions & 0 deletions b/‎backend/toolbox/modules/android/custom_rules/sqlite-injection.yaml‎
Lines changed: 21 additions & 0 deletions
diff --git a/‎backend/toolbox/modules/android/custom_rules/vulnerable-activity.yaml‎
Lines changed: 16 additions & 0 deletions b/‎backend/toolbox/modules/android/custom_rules/vulnerable-activity.yaml‎
Lines changed: 16 additions & 0 deletions
@@ -0,0 +1,25 @@
+"""
+Android Security Modules
+
+This package contains modules for android static code analysis and security testing.
+
+Available modules:
+- MobSF: Mobile Security Framework
+- Jadx: Dex to Java decompiler
+- OpenGrep: Open-source pattern-based static analysis tool
+"""
+
+from typing import List, Type
+from ..base import BaseModule
+
+# Module registry for automatic discovery
+ANDROID_MODULES: List[Type[BaseModule]] = []
+
+def register_module(module_class: Type[BaseModule]):
+    """Register a android security module"""
+    ANDROID_MODULES.append(module_class)
+    return module_class
+
+def get_available_modules() -> List[Type[BaseModule]]:
+    """Get all available android modules"""
+    return ANDROID_MODULES.copy()
@@ -0,0 +1,15 @@
+rules:
+  - id: clipboard-sensitive-data
+    severity: WARNING
+    languages: [java]
+    message: "Sensitive data may be copied to the clipboard."
+    metadata:
+      authors:
+        - Guerric ELOI (FuzzingLabs)
+      category: security
+      area: clipboard
+      verification-level: [L1]
+    paths:
+      include:
+        - "**/*.java"
+    pattern: "$CLIPBOARD.setPrimaryClip($CLIP)"
@@ -0,0 +1,23 @@
+rules:
+  - id: hardcoded-secrets
+    severity: WARNING
+    languages: [java]
+    message: "Possible hardcoded secret found in variable '$NAME'."
+    metadata:
+      authors:
+        - Guerric ELOI (FuzzingLabs)
+      owasp-mobile: M2
+      category: secrets
+      verification-level: [L1]
+    paths:
+      include:
+        - "**/*.java"
+    patterns:
+      - pattern-either:
+          - pattern: 'String $NAME = "$VAL";'
+          - pattern: 'final String $NAME = "$VAL";'
+          - pattern: 'private String $NAME = "$VAL";'
+          - pattern: 'public static String $NAME = "$VAL";'
+          - pattern: 'static final String $NAME = "$VAL";'
+      - pattern-regex: "$NAME =~ /(?i).*(api|key|token|secret|pass|auth|session|bearer|access|private).*/"
+
@@ -0,0 +1,18 @@
+rules:
+  - id: insecure-data-storage
+    severity: WARNING
+    languages: [java]
+    message: "Potential insecure data storage (external storage)."
+    metadata:
+      authors:
+        - Guerric ELOI (FuzzingLabs)
+      owasp-mobile: M2
+      category: security
+      area: storage
+      verification-level: [L1]
+    paths:
+      include:
+        - "**/*.java"
+    pattern-either:
+      - pattern: "$CTX.openFileOutput($NAME, $MODE)"
+      - pattern: "Environment.getExternalStorageDirectory()"
@@ -0,0 +1,16 @@
+rules:
+  - id: insecure-deeplink
+    severity: WARNING
+    languages: [xml]
+    message: "Potential insecure deeplink found in intent-filter."
+    metadata:
+      authors:
+        - Guerric ELOI (FuzzingLabs)
+      category: component
+      area: manifest
+      verification-level: [L1]
+    paths:
+      include:
+        - "**/AndroidManifest.xml"
+    pattern: |
+      <intent-filter>
@@ -0,0 +1,21 @@
+rules:
+  - id: insecure-logging
+    severity: WARNING
+    languages: [java]
+    message: "Sensitive data logged via Android Log API."
+    metadata:
+      authors:
+        - Guerric ELOI (FuzzingLabs)
+      owasp-mobile: M2
+      category: logging
+      verification-level: [L1]
+    paths:
+      include:
+        - "**/*.java"
+    patterns:
+      - pattern-either:
+          - pattern: "Log.d($TAG, $MSG)"
+          - pattern: "Log.e($TAG, $MSG)"
+          - pattern: "System.out.println($MSG)"
+      - pattern-regex: "$MSG =~ /(?i).*(password|token|secret|api|auth|session).*/"
+
@@ -0,0 +1,15 @@
+rules:
+  - id: intent-redirection
+    severity: WARNING
+    languages: [java]
+    message: "Potential intent redirection: using getIntent().getExtras() without validation."
+    metadata:
+      authors:
+        - Guerric ELOI (FuzzingLabs)
+      category: intent
+      area: intercomponent
+      verification-level: [L1]
+    paths:
+      include:
+        - "**/*.java"
+    pattern: "$ACT.getIntent().getExtras()"
@@ -0,0 +1,18 @@
+rules:
+  - id: sensitive-data-in-shared-preferences
+    severity: WARNING
+    languages: [java]
+    message: "Sensitive data may be stored in SharedPreferences. Please review the key '$KEY'."
+    metadata:
+      authors:
+        - Guerric ELOI (FuzzingLabs)
+      owasp-mobile: M2
+      category: security
+      area: storage
+      verification-level: [L1]
+    paths:
+      include:
+        - "**/*.java"
+    patterns:
+      - pattern: "$EDITOR.putString($KEY, $VAL);"
+      - pattern-regex: "$KEY =~ /(?i).*(username|password|pass|token|auth_token|api_key|secret|sessionid|email).*/"
@@ -0,0 +1,21 @@
+rules:
+  - id: sqlite-injection
+    severity: ERROR
+    languages: [java]
+    message: "Possible SQL injection: concatenated input in rawQuery or execSQL."
+    metadata:
+      authors:
+        - Guerric ELOI (FuzzingLabs)
+      owasp-mobile: M7
+      category: injection
+      area: database
+      verification-level: [L1]
+    paths:
+      include:
+        - "**/*.java"
+    patterns:
+      - pattern-either:
+          - pattern: "$DB.rawQuery($QUERY, ...)"
+          - pattern: "$DB.execSQL($QUERY)"
+      - pattern-regex: "$QUERY =~ /.*\".*\".*\\+.*/"
+
@@ -0,0 +1,16 @@
+rules:
+  - id: vulnerable-activity
+    severity: WARNING
+    languages: [xml]
+    message: "Activity exported without permission."
+    metadata:
+      authors:
+        - Guerric ELOI (FuzzingLabs)
+      category: component
+      area: manifest
+      verification-level: [L1]
+    paths:
+      include:
+        - "**/AndroidManifest.xml"
+    pattern: |
+      <activity android:exported="true"