testing-android-intents-for-vulnerabilities
Installation
SKILL.md
Testing Android Intents for Vulnerabilities
When to Use
Use this skill when:
- Assessing Android app exported activities, services, receivers, and content providers
- Testing for intent injection and unauthorized component invocation
- Evaluating broadcast receiver security for sensitive data exposure
- Performing IPC-focused penetration testing on Android applications
Do not use on production devices without explicit authorization.
Prerequisites
- Rooted Android device or emulator with ADB
- Drozer agent installed on target device (
drozer agent.apk) - Drozer console on host (
pip install drozer) - Target APK decompiled with apktool for AndroidManifest.xml analysis
- Frida for runtime intent monitoring