- "adb devices": - "Show connected devices"- "adb root": - "Get a root shell - Works only on certain images. Example: LineageOS."- "adb reboot bootloader": - "Reboot the device into the boot loader mode"- "adb shell install -r": - "Install a new package (overwrite existing one)"- "adb push <local> <remote>": - "Upload a file from the laptop to the phone"- "adb pull <remote> <local>": - "Download a file from the phone to the laptop"- "adb shell dumpsys iphonesybinfo": - "Get the IMEI"- "adb get-serialno": - "Serial number of the device"- "adb shell pm list features": - "List the features of the smartphone"- "adb shell screencap -p \"/Path/To/Save/Image.png\"": - "Take a screenshot"- "adb shell screen record \"/Path/CaptureRecord.mp4\"": - "Capture a video of the device screen"- "adb shell am start -W -c android.intent.category.HOME -a android.intent.action.MAIN": - "Simulating pressing the Home Button"- "adb shell am start|startservice|broadcast <INTENT>": - "Start an Intent / service / broadcast receiver"- "adb logcat": - "System log information"- "adb bugreport": - "Dump the whole device information like dumpstate, dumpsys and logcat output. Important to get the Bluetooth Low Energy log!"
- "adb backup": - "Backup all applications that have the 'backup=true' in their Manifest.xml"- "fastboot devices": - "List available devices in fastboot mode"- "adb shell pm reset-permissions -p your.app.package": - "Resets all the permissions of an app"- "adb shell pm path <package name>": - "Shows the path to the APK which can be downloaded (see adb pull) even without root permissions."- "adb input touch <x> <y>": - "Perform a touch event at the given coordinates"
DEX Files
Use dex2jar to convert .dex files in .jar files.
d2j-dex2jarclasses.dex-oclasses.jar
Then analyze it with Jadx-gui
Using Nuclei to automate the proccess of finding endpoints and hidden information
Extract APK with APKtool
apktooldapp.apk-oapp_output_directory
Run Nuclei and find secrets keys and vulnerabilities
