OWASP Droid10 is an opensource handheld based (android) web pen testing tool. It can scan for web application vulnerability from any android device.Some features can be customized according to testers need. Droid10 is a handheld system based (android) web pen testing tool. It can scan for web application bugs from any android device. The world is moving towards handheld systems . There isn't any mobile based tool from owasp to do web app pen testing from handheld systems . This app is going to be OWASP first ever mobile app to test web app security. Apart from this this tool will be developed in such a way that it can be customized in an easy way .User supplied vectors can be added easily . It will have encoders,decoders and they can be integrated with different modules easily example (Url encoding with XSS Module). In short this project will have the combined features of modern day scanners as an a mobile app .
Some cool features list:
- Automated Scan - Automated Scan to find vulnearabilities
- Live Scan - Live View of results against attack vectors
- Repeater - Request / Response Tester
You too can extend the project
- Easy to add new modules
- Easy to add new vectors
- Easy to maintain
And this is still in development phase!
System.out.out.println("More features will be added soon");
This is on OWASP website. This project will soon be available in Google's Play Store.
If you would like to be a contributor to this project please contact me.