QuarksLab's Android Fuzzing
A collection of tools and examples for fuzzing Android applications using AFL++ with Frida mode.
What is QuarksLab's Android Fuzzing?
Android-fuzzing is a collection of tools and examples for performing greybox fuzzing on Android applications using AFL++ with Frida mode. It provides build configurations, harness examples, and libraries to help security researchers fuzz both native code and JNI functions in Android environments. The project addresses the challenge of instrumenting and fuzzing mixed Java/native codebases on mobile platforms.
Security researchers, penetration testers, and Android developers who need to perform security testing through fuzzing on Android applications, particularly those with native components or JNI interfaces.
Developers choose this project because it provides practical, ready-to-use examples and configurations for a challenging fuzzing scenario—Android applications with mixed Java/native code. It bridges AFL++'s powerful fuzzing capabilities with Frida's dynamic instrumentation specifically for Android platforms.
Overview
This project provides materials for performing greybox fuzzing on Android applications by leveraging AFL++ with Frida mode. It includes build configurations, example harnesses, and libraries to facilitate fuzzing of both native and JNI functions in Android environments.
Key Features
- AFL++ Frida Mode for Android — CMake configuration to build AFL++ Frida mode for Android 12 aarch64
- Multiple Harness Examples — Native, weakly linked JNI, and strongly linked JNI function harnesses for different fuzzing scenarios
- Java Environment Initialization — jenv library to initialize Java environments from native harnesses
- Ready-to-Use Target — Includes an Android application (APK) as a fuzzing target for testing
- Practical Implementation — All materials are associated with a detailed blog post explaining the approach
Philosophy
The project emphasizes practical, reproducible Android fuzzing setups that bridge native code instrumentation with Java/JNI environments through Frida's dynamic instrumentation capabilities.
Related Projects
Found a gem we're missing?
Open-Awesome is built by the community, for the community. Submit a project, suggest an awesome list, or help improve the catalog on GitHub.
