selimwdev

selimwdev / SelimDroid

Public

SelimDroid - Automated Android Dynamic Security Scanner

12
1
75% credibility
Found May 17, 2026 at 12 stars -- GitGems finds repos before they trend. Get early access to the next one.
Sign Up Free
AI Analysis
JavaScript
AI Summary

SELIMDROID is a professional security testing framework designed for authorized penetration testers and security researchers to automatically analyze Android applications for vulnerabilities. The tool uses runtime inspection to check for data leakage, insecure storage practices, memory exposure, session management flaws, and security misconfigurations. It can also test whether apps properly protect against common attack techniques like root detection bypasses and SSL pinning bypasses. The framework generates comprehensive reports of findings and is intended for use only with explicit permission on applications you own or have been authorized to test.

How It Works

1
🔍 You discover a security testing tool

You hear about SELIMDROID from a colleague who says it can automatically check Android apps for security problems.

2
📚 You learn what it checks

The tool can find apps that leak passwords, expose private data, or leave sensitive information even after you log out.

3
📱 You connect your Android device

You plug in your phone or emulator and the tool prepares to examine any app you choose.

4
🎯 You pick an app to test

You enter the name of the app you want to check, and the framework springs into action automatically.

5
The tool runs multiple checks
🔐
Security bypass tests

It checks if the app can be tricked into thinking the device isn't jailbroken, and if encryption checks can be fooled.

📋
Data exposure tests

It scans databases, shared files, and logs to find emails, tokens, or passwords that shouldn't be there.

6
📝 You get a complete security report

All findings are gathered into one clear report showing exactly what vulnerabilities exist and how serious they are.

You know what to fix

You now have a detailed list of security issues to share with developers so they can make the app safer for everyone.

Sign up to see the full architecture

5 more

Sign Up Free

Star Growth

See how this repo grew from 12 to 12 stars Sign Up Free
Repurpose This Repo

Repurpose is a Pro feature

Generate ready-to-use prompts for X threads, LinkedIn posts, blog posts, YouTube scripts, and more -- with full repo context baked in.

Unlock Repurpose
AI-Generated Review

What is SelimDroid?

SelimDroid is an automated dynamic security scanner for Android that runs security checks directly against a live, running app. Instead of static analysis (which is just reading code), this hooks into the app at runtime using Frida and watches what it actually does: where it stores data, how it handles SSL certificates, whether it leaks tokens after logout, and whether root detection can be bypassed. The scanner is written in JavaScript with Frida hooks paired to a Python orchestrator that manages the workflow. You point it at a package name, and it spawns the app, injects hooks, runs through a battery of tests, prompts you for interaction when needed, and spits out a consolidated vulnerability report.

Why is it gaining traction?

The real hook here is coverage and automation. Most Android security tools make you piece together separate utilities for SSL pinning bypass, root detection evasion, database inspection, and post-logout session checks. SelimDroid bundles all of this into one workflow that requires only a package name to start. The interactive testing mode is also a differentiator: it pauses for you to log in, log out, or trigger specific flows, then validates the app's behavior at each step. For pentesters and researchers, this cuts down the repetitive manual work significantly.

Who should use this?

Mobile security researchers running authorized assessments on Android applications will get the most value here. Penetration testers who need to quickly profile an app's runtime behavior will appreciate the one-command startup. Android developers doing pre-release security audits can use it to find accidental data leaks or missing FLAG_SECURE implementations without setting up a full testing lab. If you're not working with Android security professionally, this is probably overkill.

Verdict

SelimDroid has solid fundamentals and a genuinely useful feature set for its audience. However, with only 12 stars and a credibility score of 0.75%, it's extremely early-stage and lacks the community validation that enterprise security teams typically require before adopting tooling. The documentation is readable but thin on troubleshooting, and there's no evidence of automated testing in the repository. Treat this as a promising proof-of-concept from an individual researcher rather than production-grade tooling. If your workflow demands high confidence, wait for a more mature release or validate thoroughly in a controlled environment first.

Sign up to read the full AI review Sign Up Free

Similar repos coming soon.