Over a million developers have joined DZone.
{{announcement.body}}
{{announcement.title}}

QARK: Android App Exploit and SCA Tool

DZone's Guide to

QARK: Android App Exploit and SCA Tool

OWASP's latest video can be a huge help to Android developers focusing on security. Check it out.

· Mobile Zone
Free Resource

Launching an app doesn’t need to be daunting. Whether you’re just getting started or need a refresher on mobile app testing best practices, this guide is your resource! Brought to you in partnership with Perfecto

OWASP released a video focused on QARK, an Android app exploit and SCA tool. The video, presented by Tushar Dalvi and Tony Trummer, Security Engineers at LinkedIn, goes over the tool and how useful it may be in your Android development.

Here's what OWASP had to say:

Ever wonder why there isn't a metasploit-style framework for Android apps? We did! 

Whether you're a developer trying to protect your insecure app from winding up on user devices, an Android n00b or a pentester trying to pwn all the things, QARK is just what you've been looking for! 

This tool combines Static Code Analysis with source-sink mapping, teaching by detailing misconfigurations, citing research detailing the issues and automatic exploitation into one, simple to use application! 

Our tool will review any Android app, either from source or APK, highlight version specific issues, detail your app's attack surface, inspect all your app components for misconfigurations and allow you to create on-demand proof-of-concept attack applications.


Keep up with the latest DevTest Jargon with the latest Mobile DevTest Dictionary. Brought to you in partnership with Perfecto.

Topics:
mobile ,android ,security ,static code analysis ,source-sink mapping

Opinions expressed by DZone contributors are their own.

THE DZONE NEWSLETTER

Dev Resources & Solutions Straight to Your Inbox

Thanks for subscribing!

Awesome! Check your inbox to verify your email so you can start receiving the latest in tech news and resources.

X

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}