Question 1

How do I add my own hooks to Introspy-Android?

Accepted Answer

You can add custom hooks by modifying the com.introspy.custom_hooks module in the source code, as described in the 'Adding hooks' section. Enable the 'CUSTOM HOOKS' option in the Config app and follow the examples like HookExampleImpl.java to extend analysis capabilities.

Question 2

Introspy-Android vs. Frida for Android dynamic analysis?

Accepted Answer

Introspy-Android is specialized for security-focused API hooking with built-in vulnerability checks, while Frida offers more general scripting and flexibility. Introspy is better for predefined security analysis, but Frida allows custom scripts without always requiring rooting.

Question 3

Does Introspy-Android work on the latest Android versions like Android 13?

Accepted Answer

The README states it works on Android 2.3 and above for the Core, but compatibility isn't guaranteed for all versions. Users should test on their target devices, as crashes can occur due to untested Android builds or Cydia Substrate issues.

Question 4

How can I generate an HTML report from Introspy-Android logs?

Accepted Answer

Use the separate Introspy-Analyzer tool to process the database (introspy.db) generated by Introspy-Android. The analyzer parses the logged data and creates detailed HTML reports listing API calls and potential vulnerabilities for review.

Question 5

What security vulnerabilities does Introspy-Android detect?

Accepted Answer

It detects issues like weak cryptography (e.g., static IVs), insecure file system accesses, IPC vulnerabilities, and webview misconfigurations, as detailed in the 'What is being analysed/logged' section covering categories like GENERAL CRYPTO, SSL, and WEBVIEW.

Question 6

Can I use Introspy-Android without the GUI configuration app?

Accepted Answer

Yes, by creating an introspy.config file in the app's directory with the desired filters, but this requires manual setup via ADB commands and is less user-friendly than the GUI available on Android 3.0+.

Introspy

What is Introspy?

Overview

Use Cases

Best For

Related Projects

Found a gem we're missing?

Not Ideal For

Pros & Cons

Pros

Cons

Frequently Asked Questions