ivan-sincek
diff --git a/‎.gitignore‎
Lines changed: 1 addition & 0 deletions b/‎.gitignore‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎README.md‎
Lines changed: 31 additions & 27 deletions b/‎README.md‎
Lines changed: 31 additions & 27 deletions
diff --git a/‎img/accessibility_monitor.png‎
1.29 KB b/‎img/accessibility_monitor.png‎
1.29 KB
diff --git a/‎img/broadcast_monitor.png‎
800 Bytes b/‎img/broadcast_monitor.png‎
800 Bytes
diff --git a/‎img/clipboard.png‎
-1.06 KB b/‎img/clipboard.png‎
-1.06 KB
diff --git a/‎img/deep_link_callback.png‎
46.5 KB b/‎img/deep_link_callback.png‎
46.5 KB
diff --git a/‎img/deep_link_fuzzing.png‎
25.5 KB b/‎img/deep_link_fuzzing.png‎
25.5 KB
diff --git a/‎img/enumeration.png‎
-549 KB b/‎img/enumeration.png‎
-549 KB
diff --git a/‎img/enumeration_1.png‎
560 KB b/‎img/enumeration_1.png‎
560 KB
diff --git a/‎img/enumeration_2.png‎
542 KB b/‎img/enumeration_2.png‎
542 KB
@@ -34,5 +34,6 @@ google-services.json
 # Android Profiling
 *.hprof
 
+# Other
 *.DS_Store
 .vscode/
@@ -6,30 +6,30 @@ As a security engineer, do you struggle with validating bug bounty reports, perf
 
 I've got you covered - all from the comfort of your own device!
 
-[YouTube: Malware APK v5.0 - Proxy Intent Injection PoC](https://youtube.com/shorts/hMcJ4JhPhnQ)
+**NOTE: This is a testing / exploitation tool, not a vulnerability scanner. Identifying security vulnerabilities requires manually reverse‑engineering the APKs and reviewing the code.**
 
----
+**NOTE: Rooting your device is not required.**
 
-**Rooting your device is not required.**
+Built with Android Studio v2025.2.3 (64-bit) (JDK 17) and tested on multiple virtual devices, as well as, on Samsung Galaxy Note S20 Ultra with Android OS v13.0 (Tiramisu) physical device.
 
-For more tips and tricks check my [Android Penetration Testing Cheat Sheet](https://github.com/ivan-sincek/android-penetration-testing-cheat-sheet).
+[YouTube: Malware APK v5.0 - Proxy Intent Injection PoC](https://youtube.com/shorts/hMcJ4JhPhnQ)
 
----
+For more tips and tricks check my [Android Penetration Testing Cheat Sheet](https://github.com/ivan-sincek/android-penetration-testing-cheat-sheet).
 
-Built with Android Studio v2025.2.3 (64-bit) (JDK 17) and tested on multiple virtual devices, as well as, on Samsung Galaxy Note S20 Ultra with Android OS v13.0 (Tiramisu) physical device.
 
 Made for educational purposes. I hope it will help!
 
 Future plans:
 
 * add an option to bind to a service,
+* add an option to nest unlimited number of intents when testing intent filters,
 * add an option to specify intent categories,
+* add an option to specify `HashMap` type in intent extras,
 * add an option to specify `null` value in intent extras,
-* add an option to specify `Bundle` and `HashMap` types in intent extras,
 * add an option to the broadcast monitor to cache and replay intercepted intents,
 * add a content encoding and decoding section,
-* add a log toolbar with search, copy, scroll to top, and more,
-* add a project to easily compile native `.so` libraries for arbitrary code execution,
+* add a log toolbar with options to search, copy, and download actions,
+* add a project template to easily compile native `.so` libraries for arbitrary code execution (RCE),
 * add more UI customizations.
 
 ## Table of Contents
@@ -128,9 +128,13 @@ URIs for internal quality assurance:
 
 **#4:** List system or user installed packages.
 
-<p align="center"><img src="https://github.com/ivan-sincek/malware-apk/blob/main/img/enumeration.png" alt="Enumeration" height="600em"></p>
+<p align="center"><img src="https://github.com/ivan-sincek/malware-apk/blob/main/img/enumeration_1.png" alt="Enumeration" height="600em"></p>
+
+<p align="center">Figure 3 - Enumeration (1)</p>
+
+<p align="center"><img src="https://github.com/ivan-sincek/malware-apk/blob/main/img/enumeration_2.png" alt="Enumeration" height="600em"></p>
 
-<p align="center">Figure 3 - Enumeration</p>
+<p align="center">Figure 4 - Enumeration (2)</p>
 
 ### Intent
 
@@ -223,31 +227,31 @@ When testing proxy intent injections to access private data, you will often need
 
 <p align="center"><img src="https://github.com/ivan-sincek/malware-apk/blob/main/img/deep_link_fuzzing.png" alt="Deep Link Fuzzing" height="600em"></p>
 
-<p align="center">Figure 4 - Deep Link Fuzzing</p>
+<p align="center">Figure 5 - Deep Link Fuzzing</p>
 
 <p align="center"><img src="https://github.com/ivan-sincek/malware-apk/blob/main/img/pending_intent_injection_1.png" alt="Pending Intent Injection P1" height="600em"></p>
 
-<p align="center">Figure 5 - Pending Intent Injection P1</p>
+<p align="center">Figure 6 - Pending Intent Injection P1</p>
 
 <p align="center"><img src="https://github.com/ivan-sincek/malware-apk/blob/main/img/pending_intent_injection_2.png" alt="Pending Intent Injection P2" height="600em"></p>
 
-<p align="center">Figure 6 - Pending Intent Injection P2</p>
+<p align="center">Figure 7 - Pending Intent Injection P2</p>
 
 <p align="center"><img src="https://github.com/ivan-sincek/malware-apk/blob/main/img/intent_injection_1.png" alt="Intent Injection P1" height="600em"></p>
 
-<p align="center">Figure 7 - Intent Injection P1</p>
+<p align="center">Figure 8 - Intent Injection P1</p>
 
 <p align="center"><img src="https://github.com/ivan-sincek/malware-apk/blob/main/img/intent_injection_2.png" alt="Intent Injection P2" height="600em"></p>
 
-<p align="center">Figure 8 - Intent Injection P2</p>
+<p align="center">Figure 9 - Intent Injection P2</p>
 
 ### Broadcast Monitor
 
 **#1:** Listen for a broadcast intent from another app and extract sensitive information from the intent extras.
 
 <p align="center"><img src="https://github.com/ivan-sincek/malware-apk/blob/main/img/broadcast_monitor.png" alt="Broadcast Monitor" height="600em"></p>
 
-<p align="center">Figure 9 - Broadcast Monitor</p>
+<p align="center">Figure 10 - Broadcast Monitor</p>
 
 ### Web
 
@@ -273,11 +277,11 @@ When testing proxy intent injections to access private data, you will often need
 
 <p align="center"><img src="https://github.com/ivan-sincek/malware-apk/blob/main/img/web.png" alt="Web" height="600em"></p>
 
-<p align="center">Figure 10 - Web</p>
+<p align="center">Figure 11 - Web</p>
 
 <p align="center"><img src="https://github.com/ivan-sincek/malware-apk/blob/main/img/deep_link_callback.png" alt="Deep Link Callback" height="600em"></p>
 
-<p align="center">Figure 11 - Deep Link Callback</p>
+<p align="center">Figure 12 - Deep Link Callback</p>
 
 ### Task Hijacking
 
@@ -289,7 +293,7 @@ Read more about the taskjacking [here](https://developer.android.com/privacy-and
 
 <p align="center"><img src="https://github.com/ivan-sincek/malware-apk/blob/main/img/taskjacking.png" alt="Taskjacking" height="600em"></p>
 
-<p align="center">Figure 12 - Taskjacking</p>
+<p align="center">Figure 13 - Taskjacking</p>
 
 ### Tap Hijacking
 
@@ -301,7 +305,7 @@ Read more about tapjacking [here](https://developer.android.com/privacy-and-secu
 
 <p align="center"><img src="https://github.com/ivan-sincek/malware-apk/blob/main/img/tapjacking.png" alt="Tapjacking" height="600em"></p>
 
-<p align="center">Figure 13 - Tapjacking</p>
+<p align="center">Figure 14 - Tapjacking</p>
 
 ### Accessibility Monitor
 
@@ -311,15 +315,15 @@ Read more about the solution [here](https://developer.android.com/reference/andr
 
 <p align="center"><img src="https://github.com/ivan-sincek/malware-apk/blob/main/img/accessibility_monitor.png" alt="Accessibility Monitor" height="600em"></p>
 
-<p align="center">Figure 14 - Accessibility Monitor</p>
+<p align="center">Figure 15 - Accessibility Monitor</p>
 
 ### Notification Monitor
 
 **#1**: Extract sensitive information from a push notification of another app by abusing the notification service.
 
 <p align="center"><img src="https://github.com/ivan-sincek/malware-apk/blob/main/img/notification_monitor.png" alt="Notification Monitor" height="600em"></p>
 
-<p align="center">Figure 15 - Notification Monitor</p>
+<p align="center">Figure 16 - Notification Monitor</p>
 
 ### Clipboard
 
@@ -329,7 +333,7 @@ Read more about the solution [here](https://developer.android.com/reference/andr
 
 <p align="center"><img src="https://github.com/ivan-sincek/malware-apk/blob/main/img/clipboard.png" alt="Clipboard" height="600em"></p>
 
-<p align="center">Figure 16 - Clipboard</p>
+<p align="center">Figure 17 - Clipboard</p>
 
 ### State Manager
 
@@ -339,14 +343,14 @@ Read more about the solution [here](https://developer.android.com/reference/andr
 
 <p align="center"><img src="https://github.com/ivan-sincek/malware-apk/blob/main/img/state_manager.png" alt="State Manager" height="600em"></p>
 
-<p align="center">Figure 17 - State Manager</p>
+<p align="center">Figure 18 - State Manager</p>
 
 ### Settings
 
 **#1:** Additional system controls and UI customizations.
 
-**#2:** Biometric unlock prompts only once at launch. Clear all tasks to enable it again.
+**#2:** Biometric unlock prompts only once at launch. Clear all tasks to fully exit the app and re-enable it.
 
 <p align="center"><img src="https://github.com/ivan-sincek/malware-apk/blob/main/img/settings.png" alt="Settings" height="600em"></p>
 
-<p align="center">Figure 18 - Settings</p>
+<p align="center">Figure 19 - Settings</p>