curl https://bootstrap.pypa.io/pip/2.7/get-pip.py --output get-pip.py
sudo python2.7 get-pip.py
sudo pip2.7 install protobuf
sudo pip2.7 install pyOpenSSL
git clone https://github.com/hamcrest/PyHamcrest.git
cd PyHamcrest
sudo python3 setup.py install
cd; sudo pip2.7 install Twisted
1). wget https://github.com/mwrlabs/drozer/releases/download/2.4.4/drozer-2.4.4-py2-none-any.whl; sudo pip2.7 install drozer-2.4.4-py2-none-any.whl
2). pip install drozer
--> Forward Port for Connection b/w Android Server and Machine --> adb forward tcp:31415 tcp:31415 --> Connect with Server --> drozer console connect
--> run app.package.list -f
--> run app.package.debuggable
List Applications that have Backup functionality. This will also list out UID and API Key if they are Synchronize data with cloud.
--> run app.package.backup
--> run app.package.launchintent jakhar.aseem.diva
--> run app.package.manifest jakhar.aseem.diva
--> run app.package.native jakhar.aseem.diva
--> run app.package.shareduid -u 10010
--> run app.package.attacksurface
List Out Activities of that package with intent filters and intent Permissions (-i for Intents) and (-v for verbosity)
--> run app.activity.info -a -i -v
--> run app.activity.start --component
--> run app.provider.info
--> run app.provider.query
--> run scanner.provider.finduris -a Find URI's --> run scanner.provider.injection -a Injection --> run scanner.provider.sqltables -a Enumerate Table Name --> run scanner.provider.traversal -a Table Traversal
--> run app.broadcast.info -a com.android.dialer
--> run app.broadcast.sniff --action AIRPLANE_MODE_CHANGE
--> run app.service.info -a -iuv