Vuldroid

Vuldroid

64 Stars

Vuldroid is a Vulnerable Android Application made with security issues in order to demonstrate how they can occur in code

jaiswalakshansh
Vulnerable-labs
May 27, 2025
64 stars
View on GitHub
Share on:
X LinkedIn Facebook WhatsApp Telegram Reddit Email
Category
Vulnerable-labs
GitHub Stars
64
Project Added On
May 27, 2025
Contributors
1

README.md

View on GitHub

Vuldroid

Awesome supports Android



Vuldroid is a Vulnerable Android Application made with security issues in order to demonstrate how they can occur in code.

Vulnerabilities Covered:

  • Code Execution via Malicious App
  • Steal Files via Webview using XHR request
  • Steal Files using Fileprovider via Intents
  • Steal Password ResetTokens/MagicLoginLinks
  • Webview Xss via Exported Activity
  • Webview Xss via DeepLink
  • Intent Sniffing Between Two Applications
  • Reading User Email via Broadcasts

To Get started:

  • Install the APK from the repository and play around
  • Find the areas where you think this can be exploited
  • I have also written a blog that you can refer as walkthrough but make sure you try yourself first
  • If you want to use your own firebase project for authentication clone the repo and remove the google-services.json and add your project one.

Tool Information

Author

jaiswalakshansh

Project Added On

May 27, 2025

License

Open Source

Tags

android-application android-security application-security deeplink vulnerable-application webview-xss
View on GitHub

Related Tools

IWA-Java

IWA-Java

Insecure Web + API application with example Fortify integrations into many DevSecOps and CICD platforms

Stable
IWA-DotNet

IWA-DotNet

Insecure Web Application - .NET version

Stable
damn-vulnerable-MCP-server

damn-vulnerable-MCP-server

Damn Vulnerable MCP Server

Stable
View more Vulnerable-labs tools