KishorBal

KishorBal / deep-C

Public

Android deeplink misconfiguration detector and exploitation tool

64
9
69% credibility
Found Feb 04, 2026 at 23 stars 3x -- GitGems finds repos before they trend. Get early access to the next one.
Sign Up Free
AI Analysis
Python
AI Summary

Deep-C is a security testing tool that scans Android apps for vulnerable deep links, verifies issues, and creates demonstration tests for penetration testers.

How It Works

1
🔍 Discover Deep-C

You find this helpful tool while searching for ways to test Android app security against sneaky link tricks.

2
🛠️ Prepare your setup

You gather free helper programs on your computer to unpack apps and connect test phones.

3
📱 Connect a test device

You link up an Android phone or virtual tester so you can run safety checks on it.

4
📁 Pick an app to check

You choose the app file you want to scan for weak spots in how it opens special links.

5
🚀 Start the deep scan

You launch the tool and watch it carefully examine the app for risky entry points and bad patterns.

6
Choose review style
Quick scan

Get fast results with built-in smarts to spot issues right away.

🧠
AI boost

Connect a thinking helper service to review findings and cut down false alarms.

7
🎯 Get test scenarios

You receive clear explanations of issues plus ready-to-try commands to prove them on your device.

Secure and report

You run the tests safely, confirm the risks, and use the detailed report to fix or share insights.

Sign up to see the full architecture

6 more

Sign Up Free

Star Growth

See how this repo grew from 23 to 64 stars Sign Up Free
Repurpose This Repo

Repurpose is a Pro feature

Generate ready-to-use prompts for X threads, LinkedIn posts, blog posts, YouTube scripts, and more -- with full repo context baked in.

Unlock Repurpose
AI-Generated Review

What is deep-C?

Deep-C is a Python tool that scans Android APKs for deeplink misconfigurations, spotting exposed android deeplink activities, android deeplink https schemes, and android deeplink intents in the android deeplink manifest. It decompiles apps to check for weak pathpatterns, android deeplink with parameters, and sensitive paths like login or payment, then outputs android deeplink json reports with static confidence scores. Users get ready-to-run android deep link adb PoCs, plus optional AI review to validate real exploitability like intent hijacking or WebView abuse.

Why is it gaining traction?

It stands out by generating executable adb commands for PoCs—run with --exec on a connected device—and merging AI verdicts from OpenAI to cut false positives without inventing issues. CLI options like --ai-review keep it lightweight, while JSON exports detail reasoning, android deeplink pathpattern flaws, and merged confidence for easy integration into CI like android github actions build. Devs dig the focus on browsable activities and custom schemes over generic scans.

Who should use this?

Android security researchers probing deepc github tools for red team ops, mobile pentesters auditing app links during assessments, and bug bounty hunters targeting android deeplink activity bypasses. Ideal for teams using adb in workflows, like validating exported components before android github app releases or in android github codespaces.

Verdict

Promising for niche deep link hunting, with solid README docs and PoC automation, but at 25 stars and 0.7% credibility score, it's early-stage—test thoroughly on non-prod APKs first. Grab it if manual manifest dives bore you, but pair with established tools until maturity grows.

(198 words)

Sign up to read the full AI review Sign Up Free

Similar repos coming soon.