Vuldroid

Vuldroid

64 Stars

Vuldroid is a Vulnerable Android Application made with security issues in order to demonstrate how they can occur in code

jaiswalakshansh
Vulnerable-labs
May 27, 2025
64 stars
View on GitHub
Share on:
X LinkedIn Facebook WhatsApp Telegram Reddit Email
Category
Vulnerable-labs
GitHub Stars
64
Project Added On
May 27, 2025
Contributors
1

README.md

View on GitHub

Vuldroid

Awesome supports Android



Vuldroid is a Vulnerable Android Application made with security issues in order to demonstrate how they can occur in code.

Vulnerabilities Covered:

  • Code Execution via Malicious App
  • Steal Files via Webview using XHR request
  • Steal Files using Fileprovider via Intents
  • Steal Password ResetTokens/MagicLoginLinks
  • Webview Xss via Exported Activity
  • Webview Xss via DeepLink
  • Intent Sniffing Between Two Applications
  • Reading User Email via Broadcasts

To Get started:

  • Install the APK from the repository and play around
  • Find the areas where you think this can be exploited
  • I have also written a blog that you can refer as walkthrough but make sure you try yourself first
  • If you want to use your own firebase project for authentication clone the repo and remove the google-services.json and add your project one.

Tool Information

Author

jaiswalakshansh

Project Added On

May 27, 2025

License

Open Source

Tags

android-application android-security application-security deeplink vulnerable-application webview-xss
View on GitHub

Related Tools

llm-sec

llm-sec

A hands-on learning platform for understanding and testing LLM security vulnerabilities

Stable
owasp-masvs

owasp-masvs

The OWASP MASVS (Mobile Application Security Verification Standard) is the industry standard for mobile app security.

Stable
IWA-Java

IWA-Java

Insecure Web + API application with example Fortify integrations into many DevSecOps and CICD platforms

Stable
View more Vulnerable-labs tools