ynsmroztas / AndroHunter

Public

100% credibility

Found Mar 09, 2026 at 27 stars -- GitGems finds repos before they trend. Get early access to the next one.

AI Analysis

Java

AI Summary

AndroHunter is a native Android app toolkit that lets users analyze installed applications for security weaknesses through on-device static and dynamic testing tools.

How It Works

🔍 Discover AndroHunter

You find this handy phone tool for checking app security while looking for ways to test Android apps safely.

📱 Install on your phone

Download the app file to your Android phone and tap to add it, just like any other app.

🌐 Pick your language

Open the app for the first time and choose English or Turkish so everything feels familiar.

📋 Browse your apps

See a simple list of all apps on your phone, with quick notes on versions and any open access points.

🎯 Analyze a target app

Tap any app to explore its inner workings, spotting exported parts or hidden secrets with easy color codes.

🧪 Run fun tests

Try sending test messages to app parts or scan code for passwords, watching live results pop up.

✅ Get security insights

Review clear results like red for risks or green for safe, feeling empowered to report issues or learn more.

Sign up to see the full architecture

5 more

Star Growth

See how this repo grew from 27 to 27 stars Sign Up Free

Repurpose This Repo

Repurpose is a Pro feature

Generate ready-to-use prompts for X threads, LinkedIn posts, blog posts, YouTube scripts, and more -- with full repo context baked in.

Unlock Repurpose

AI-Generated Review

What is AndroHunter?

AndroHunter is an on-device Android security toolkit built in Kotlin with Jetpack Compose, letting bug bounty hunters and pen testers analyze apps without root or a PC for most tasks. It scans installed APKs for secrets in DEX files, views manifests for exported components, fuzzes intents and content providers, generates Frida scripts, and intercepts HTTP traffic via a local proxy. You get a dark terminal-style UI for quick dynamic tests like broadcast injection and path traversal on FileProviders.

Why is it gaining traction?

It packs a full Android attack surface toolkit into one native app—no decompilers, ADB chains, or external tools needed—making fieldwork faster for on-device hunts. Features like automated SQLi payloads for providers, severity-rated secret scans, and one-tap Frida/ADB commands stand out over fragmented scripts or desktop-heavy alternatives. The MIT license and build-from-source simplicity hook tinkerers.

Who should use this?

Mobile security researchers hunting Android bugs on HackerOne or Intigriti, especially those testing live devices in bug bounties. Pen testers probing intents, providers, and SSL pinning without setup overhead. Bug hunters targeting exported components or hardcoded secrets in production apps.

Verdict

Grab it if you're in Android pentesting—solid feature depth for an early project, despite 19 stars and 1.0% credibility signaling room for polish. Build and test locally; contribute to stabilize for production hunts.

(198 words)

Sign up to read the full AI review Sign Up Free

Similar repos coming soon.

Stars

Forks

106

Followers

Base stars: 27 stars

Penalty: Very new repo (0d): -70%

Bonus: AI verified quality (100%)

Account age: 2,288 days

Repo age: 0 days

Updated: Mar 09, 2026