REPOSITORY OVERVIEWLive repository statistics
★ 760Stars
⑂ 163Forks
◯ 0Open issues
◉ 760Watchers
32/100
OPENREPOHUB HEALTH SIGNALLimited signals
A transparent discovery signal based on current public GitHub metadata.
Recent activity35% weight
0 Community adoption25% weight
57 Maintenance state20% weight
0 License clarity10% weight
100 Project information10% weight
75 This score does not audit code, security, maintainers, documentation quality, or suitability. Verify the repository and its current documentation before adoption.
README preview
InjuredAndroid - CTF
A vulnerable Android application with ctf examples based on bug bounty findings, exploitation concepts, and pure creativity.
Now available on Google Play! https://play.google.com/store/apps/details?id=b3nac.injuredandroid
Setup for a physical device
-
Download the latest release injuredandroid.apk from the releases or Google Play.
-
Enable USB debugging on your Android test phone.
-
Connect your phone and your pc with a usb cable.
-
Install via adb if installing from releases. adb install InjuredAndroid.apk. Note: You need to use the absolute path to the .apk file or be in the same directory.
Setup for an Android Emulator using Android Studio
-
Use adb to pull the apk off of your device or install after downloading the latest release apk.
-
Start the emulator from Android Studio (I recommend downloading an emulator with Google APIs so root adb can be enabled).
-
Drag and drop the .apk file on the emulator and InjuredAndroid.apk will install.
Build from source
-
git clone https://github.com/B3nac/InjuredAndroid.git
-
Create local.properties for the flutter_module
Example for Windows:
sdk.dir=C:\\Users\\B3nac\\AppData\\Local\\Android\\Sdk
flutter.sdk=C:\\Users\\YourUsername\\PathTo\\flutter
Example for Linux:
sdk.dir=/home/username/Android/Sdk
flutter.sdk=/home/username/flutter
- Set the Flutter path in Android Studio
File -> Settings -> Languages & Frameworks -> Flutter
-
Enable Dart Support in Android Studio
-
Run flutter pub get to import the flutter dependencies
-
Download the Android NDK that is required for the Assembly flag.
-
Now you should be able to compile the latest release of InjuredAndroid!
Tips and CTF Overview
Decompiling the Android app is highly recommended.
-
XSSTEST is just for fun and to raise awareness on how WebViews can be made vulnerable to XSS.
-
The login flags just need the flag submitted.
-
The flags without a submit that demonstrate concepts will automatically register in the "Flags Overview" Activity.
-
The exclamatory buttons on the bottom right will give users up to three tips for each flag.
Good luck and have fun! :D
Spoilers
Looking at the source code of the applications in the InjuredAndroid directory, InjuredAndroid-FlagWalkthroughs.md file, or binary source code in the Binaries directory will spoil some if not all of the ctf challenges.
ALGORITHMICALLY RELATEDSimilar Open-Source Projects
Selected from shared topics, language and repository description—not editorial ratings.
Static Application Security Testing (SAST) engine focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilities right in the source code, focused on a agile and easy to implement software inside your DevOps pipeline. Support the following technologies: Java (Maven and Android), Kotlin (Android), Swift (iOS), .NET Full Framework, C#, and Javascript (Node.js).
85/100 healthRecently updatedActive repositoryHas homepage
GoMIT#android#android-security#cli#csharp
⑂ 80 forks◯ 21 issuesUpdated 6 days ago
Project homepage ↗Collection of Android apps written in Kotlin created to exploit vulnerabilities and retrieve information from target apps.
27/100 healthActive repository
SmaliNo license
⑂ 0 forks◯ 0 issuesUpdated Jun 4, 2025