https://github.com/satishpatnayak/MyTest/blob/master/AndroGoat.

apk

https://pentestguy.com/setup-drozer-on-kali-linux/ -3.0.1 need

https://github.com/WithSecureLabs/drozer-agent/releases/

Apk: https://github.com/as0ler/Android-Tools/blob/master/drozer/drozer-agent-2.3.4.apk
adb install drozer-agent-2.3.4.apk

https://blog.dixitaditya.com/android-pentesting-cheatsheet?x-host=blog.dix
itaditya.com
https://www.hackingarticles.in/android-penetration-testing-drozer/
Starting a session
■ adb forward tcp:31415 tcp:31415
■ drozer console connect
■ drozer console connect --server <ip>
○ List modules
■ ls
■ ls activity
○ Retrieving package information
■ run app.package.list -f jakhar.aseem.diva
■ run app.package.info -a <package name>
○ Identifying the attack surface
■ run app.package.attacksurface <package name>
○ Exploiting Activities
■ run app.activity.info -a <package name> -u
■ run app.activity.start --component <package name> <component
name>
■ adb shell am start -n jakhar.aseem.diva/.APICredsActivity
■ run app.activity.start --component <package name> <component
name> --extra <type> <key> <value>
○ Exploiting Content Provider
■ run app.provider.info -a <package name>
■ run scanner.provider.finduris -a <package name>
■ run app.provider.query <uri>
■ run app.provider.update <uri> --selection <conditions>
<selection arg> <column> <data>
■ run scanner.provider.sqltables -a <package name>
■ run scanner.provider.injection -a <package name>
■ run scanner.provider.traversal -a <package name>
○ Exploiting Broadcast Receivers
■ run app.broadcast.info -a <package name>
 ■ run app.broadcast.send --component <package name> <component
name> --extra <type> <key> <value>
■ run app.broadcast.sniff --action <action>
○ Exploiting Service
■ run app.service.info -a <package name>
■ run app.service.start --action <action> --component <package
name> <component name>
■ run app.service.send <package name> <component name> --msg
<what> <arg1> <arg2> --extra <type> <key> <value>
--bundle-as-obj

In kali
Drozer installation
HOW TO INSTALL DROZER IN KALI LINUX
So the whole last year i have been hving trouble installing drozer in kali linuz without necessarily
using it in docker.
In this article I will be showing you how i was able to successfully install drozer in kali linux
2020.4.

First we have to install pip2.7 in our kali machine which is do by:

wget https://bootstrap.pypa.io/pip/2.7/get-pip.py
After doing this we get the get-pip.py in the folder we are in. So we use python2 to install the
pip2.7 using the get-pip.py.

sudo python2 get-pip.py

Use which command to verify whether it is installed:

┌──(c0d3x㉿pawn)-[~/Extracted/Software]
└─$ which pip2.7
/usr/local/bin/pip2.7

After this we have to wget the drozer whl from github:

wget
https://github.com/FSecureLABS/drozer/releases/download/2.4.4/drozer-2.4.4-py2-none-any.whl
After doing so, we install the whl using pip2.7

sudo pip2.7 install drozer-2.4.4-py2-none-any.whl

After doing so drozer is successfully installed but when we try to run in it, it requests us to install
twisted
First I did pip2.7 install twisted but i got an error. I did some research and i was able to fix it by
installing setuptools.

pip2.7 install setuptools

After that I repeated installing twisted

pip2.7 install twisted