apk-redteam-pipeline (Claude-BugHunter)
End-to-end Android APK red-team pipeline: acquire, decompile, secret-grep, and Frida-instrument.
🛡️ AgentReady threat assessment
MAESTRO 7-layer threat model + OWASP AIVSS risk score for apk-redteam-pipeline (Claude-BugHunter), derived from its capabilities.
AIVSS 9.0 · Critical
Overview
An offensive mobile skill that automates APK acquisition (Play Store + apkpure/apkmirror fallback), jadx decompilation, secret/URL/JWT/Firebase grep, pinned-cert extraction, exported-component enumeration, Frida runtime instrumentation templates, and intent-injection probes. Built from an authorized engagement that recovered a hardcoded JWT and 30 internal API endpoints. Surface: downloads and decompiles APKs and runs runtime instrumentation.
Key features
- Automated APK acquisition + jadx decompilation
- Secret/JWT/Firebase grep and cert extraction
- Frida instrumentation and intent-injection probes
Use cases
- Red-team an in-scope mobile app
- Recover hardcoded secrets and internal endpoints from an APK