What is Yaazhini ?
Yaazhini is the vulnerability scanner for android application APK and REST api service. This tool is widely used in many corporate companies to find vulnerabilities.
Why Yaazhini?
- Easy to use
- Scans android APK and Rest API
- Scan Android APK by just one click
- Scan Android Application REST API (emulator, device)
- Most and major vulnerabilities are covered
- Provides Vulnerability Details
- Generates Vulnerability Report
- Vulnerability and Risk level is provided
- Generates report and more
In Yaazhini we have two sections Yaazhini - Android Application APK Scanner & Yaazhini - Android Application API Scanner. These two section have separate facilities which gives boost to security and shows exact vulnerability.
Yaazhini - Android Application APK Scanner
In the APK scanner we have to upload the .apk file and click on scan, it automatically scans and displays all vulnerabilities available in the APK file.
Facilities of Yaazhini - Android Application APK Scanner
- Reverse Engineer the APK
- Shows all file like Android manifesto
- Can download source code
- Finds vulnerability of APK and other files
- Generates the report and more
Yaazhini - Android Application API Scanner
In this API scanner of yaazhini tool captures all request passing from device or emulator and send to yaazhini tool and later it scan for vulnerability and displays vulnerabilities.
Facilities of Yaazhini - Android Application API Scanner
- Intercept request from Android device and also from emulator
- Uses the OWASP top 10 standard
- Finds major vulnerabilities available in the API
- Generate reports and more
List of Vulnerabilities Covered in Yaazhini Android Application REST API Scanner
- SQL Injection
- Command Injection
- Header Injection
- Cross-site scripting – reflected
- Cross-site scripting – stored
- Cross-site scripting – DOM based
- Missing security headers
- Malicious JS script execution
- Using components with known vulnerabilities
- JQuery Vulnerabilities
- Angularjs Vulnerabilities
- Bootstrap Vulnerabilities
- Sensitive Information disclosure in response headers
- Sensitive Information disclosure in error messages
- Missing Server Side Validation
- JavaScript Dynamic Code Execution
- Sensitive Data Exposure and more
Related Articles
Yaazhini Vulnerability Report Generation
Vulnerability generating report is very important for any developers for better development of their site security. Generating a clear vulnerability report helps us to find the statistics, loopholes stuffs of the vulnerabilities in an organization ...How to perform API scan in Yaazhini
API Scanner In some ways, the most valuable asset your company owns is your data. Threats to that data have to be identified and it should be eliminated so you don’t put that data at risk. This is why security testing is so important. Application ...How to use Yaazhini Android Application REST API Scanner ?
Hey guys, This is another post for the Yaazhini tool, today we will the another module of the Yaazhini. In this Android Application REST API Scanner we will capture the API request from the android device or the emulator and scan it for the ...How to use Yaazhini Android Application APK Scanner ?
Hello friends, In the Yaazhini application we have two separate modules from which today we will discuss about the Yaazhini Android Application APK Scanner. Yaazhini tool for APK scanner will help you to scan all vulnerabilities in APK file in ...Mobile app security testing tutorial (Android Application APK Tutorial)
Yaazhini, one of the best mobile app free vulnerability finding tool. Here is the security testing tutorial video for APK. Steps to perform scan· Start the Yaazhini application. Provide the project name. Select the android APK file. Click on ...