android-pentest

What problem does it solve?

This Skill consolidates Android security assessment workflows, enabling automatic coordination of static APK analysis, dynamic instrumentation with Frida/Objection, runtime manipulation, traffic interception, and vulnerability discovery across rooted devices and emulators.

Core Features & Use Cases

• Static & Dynamic Analysis: APK inspection, decompilation, and instrumentation for security testing.
• Runtime Manipulation & Traffic Interception: Bypass SSL pinning, defeat basic root checks, configure proxies, and monitor network traffic.
• Use Case: Given an Android app, run a full security assessment from reconnaissance to reporting using MCP tool sequences and prebuilt Frida scripts; export findings and evidence.

Quick Start

1. Connect a rooted Android device or emulator with ADB and Frida server running.
2. Use Claude Code MCP commands to pull APK, enumerate components, attach Frida scripts, and orchestrate dynamic analysis.
3. Capture network traffic, collect evidence, and generate a formal security assessment report.