How does AMDH compare to tools like Magisk for Android security?

AMDH focuses on automation via ADB for hardening and malware detection without root, while Magisk is a rooting tool with modules for system-level modifications. AMDH is better for compliance audits, whereas Magisk suits advanced users needing root access.

How to install AMDH on Windows?

Clone the repository, set up a Python virtual environment, install dependencies from requirements.txt, and specify the ADB path in the config file or via command-line arguments, as detailed in the installation and usage sections.

Can AMDH detect zero-day or unknown malware?

No, AMDH only detects known malware through static analysis of permissions and native functions from a predefined list, so it won't catch new threats without updates to its malware database.

How to revoke dangerous permissions with AMDH?

Use the -sA flag to scan applications and -R to revoke all dangerous permissions automatically, generating a report that shows revoked permissions and any admin receivers removed.

Does AMDH work on Android 11 or newer versions?

The README states testing up to Android 10, so compatibility with Android 11 or higher is not guaranteed and may require adjustments due to changes in ADB or system settings.

How to create and compare snapshots in AMDH?

Use the -S flag to create a snapshot in a specified directory, capturing apps, settings, contacts, and SMS. Compare with -cS to generate a JSON report highlighting changes like new apps or modified settings.

Open-Awesome

Android Mobile Device Hardening

GPL-3.0Python

A Python tool for automating Android device security hardening, malware detection, and privacy protection via ADB.

GitHub

218 stars27 forks0 contributors

What is Android Mobile Device Hardening?

AMDH is a Python tool that automates security hardening and malware detection for Android devices via ADB. It scans system settings, analyzes installed applications for dangerous permissions and known malware, and helps enforce privacy and security configurations. The tool generates detailed reports and supports snapshot comparisons to monitor device state changes over time.

Target Audience

Security researchers, IT administrators, and privacy-conscious Android users who need to audit and harden mobile devices. It's particularly useful for those managing multiple devices in enterprise or testing environments.

Value Proposition

Developers choose AMDH for its automation capabilities, comprehensive scanning features, and open-source transparency. It provides a CLI alternative to manual ADB commands, integrating CIS benchmarks, malware detection, and detailed reporting into a single tool.

Overview

Android Mobile Device Hardening

Use Cases

Best For

Automating CIS benchmark compliance checks on Android devices
Detecting known malware in installed applications via static analysis
Auditing and revoking dangerous permissions from Android apps
Creating and comparing snapshots of device state for security monitoring
Managing security settings across multiple Android devices simultaneously
Hardening Android privacy settings and disabling unnecessary features

Not Ideal For

Environments requiring cloud-based or remote device management without local ADB access
Users needing complete device restoration including contacts from snapshots
Teams that prefer GUI-based security tools over command-line interfaces
Projects targeting Android versions beyond 10, as testing is limited to older versions

Pros & Cons

Pros

Automated CIS Compliance

Automates security checks based on CIS benchmarks for Android, hardening system settings according to documented guidelines without manual intervention.

Static Malware Detection

Performs static analysis to detect known malware like ActionSpy and WolfRat by comparing permissions and scanning for malicious native functions using androguard and pwntools.

Comprehensive Snapshot System

Captures detailed device state including apps, settings, contacts, and SMS in JSON format, enabling easy comparison over time for security monitoring.

Multi-Device Management

Supports managing multiple connected Android devices simultaneously via threading, streamlining security audits for administrators handling several devices.

Cons

Incomplete Restoration Features

Snapshot restore does not support contacts, limiting its utility for full device recovery, as acknowledged in the README's feature list with contacts marked as not implemented.

Limited Malware Coverage

Only detects a few specific malware families (e.g., ActionSpy, WolfRat, Anubis), leaving devices vulnerable to newer or unknown threats not in its database.

ADB Dependency and Issues

Relies heavily on ADB, which can cause problems such as failed SMS backups or permission revocation issues on some devices, as noted in the known issues section.

Frequently Asked Questions

Related Projects

mitmproxy

An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.

Stars43,650

Forks4,575

Last commit3 days ago

AppMon

Documentation:

Stars1,622

Forks280

Last commit3 years ago

Android-Exploits

A collection of android Exploits and Hacks

Stars985

Forks150

Last commit6 years ago

Internal Blue

Bluetooth experimentation framework for Broadcom and Cypress chips.

Stars771

Forks105

Last commit1 year ago

Community-curated · Updated weekly · 100% open source

Found a gem we're missing?

Open-Awesome is built by the community, for the community. Submit a project, suggest an awesome list, or help improve the catalog on GitHub.

Submit a project Star on GitHub

Android Mobile Device Hardening

GPL-3.0Python

A Python tool for automating Android device security hardening, malware detection, and privacy protection via ADB.

GitHub

218 stars27 forks0 contributors

What is Android Mobile Device Hardening?

Target Audience

Value Proposition

Overview

Android Mobile Device Hardening

Use Cases

Best For

Automating CIS benchmark compliance checks on Android devices
Detecting known malware in installed applications via static analysis
Auditing and revoking dangerous permissions from Android apps
Creating and comparing snapshots of device state for security monitoring
Managing security settings across multiple Android devices simultaneously
Hardening Android privacy settings and disabling unnecessary features

Not Ideal For

Environments requiring cloud-based or remote device management without local ADB access
Users needing complete device restoration including contacts from snapshots
Teams that prefer GUI-based security tools over command-line interfaces
Projects targeting Android versions beyond 10, as testing is limited to older versions

Pros & Cons

Pros

Automated CIS Compliance

Automates security checks based on CIS benchmarks for Android, hardening system settings according to documented guidelines without manual intervention.

Static Malware Detection

Performs static analysis to detect known malware like ActionSpy and WolfRat by comparing permissions and scanning for malicious native functions using androguard and pwntools.

Comprehensive Snapshot System

Captures detailed device state including apps, settings, contacts, and SMS in JSON format, enabling easy comparison over time for security monitoring.

Multi-Device Management

Supports managing multiple connected Android devices simultaneously via threading, streamlining security audits for administrators handling several devices.

Cons

Incomplete Restoration Features

Snapshot restore does not support contacts, limiting its utility for full device recovery, as acknowledged in the README's feature list with contacts marked as not implemented.

Limited Malware Coverage

Only detects a few specific malware families (e.g., ActionSpy, WolfRat, Anubis), leaving devices vulnerable to newer or unknown threats not in its database.

ADB Dependency and Issues

Relies heavily on ADB, which can cause problems such as failed SMS backups or permission revocation issues on some devices, as noted in the known issues section.