Stheno (Σθεννώ) is a powerful tool designed for analyzing and manipulating intents in Android applications. Named after the sister of Medusa, Stheno is indeed a sub project of Medusa that brings formidable capabilities akin to Burp Suite but tailored specifically for intents. This tool is essential for Android penetration testers, developers, and security enthusiasts who seek to understand and secure their applications against intent-based vulnerabilities.
- Intent Interception: Capture and inspect intents sent and received by Android applications.
- Intent Modification (TODO): Modify intercepted intents to test how applications handle unexpected or malformed data.
- Intent Replay (TODO): Resend captured intents to test the stability and security of applications.
- Logging and Reporting (TODO): Detailed logging of all activities and comprehensive reporting to aid in vulnerability assessment.
Stheno can be used either as a standalone tool or in conjunction with Medusa.
-
Install the Requirements:
pip install -r requirements.txt
-
Build the Project: Navigate to the
Intent-monitorfolder and run:./gradlew build
If you are using Stheno with Medusa, only step 2 is necessary:
- Build the Project:
Navigate to the
Intent-monitorfolder and run:./gradlew build
- Run the python script defining the target app that you want to monitor (e.g.
python3 stheno.py -t com.foo.bar) - Run the monitor and got to menu->start to start monitoring the intents
We welcome contributions from the community! To contribute:
- Fork the repository.
- Create a new branch for your feature or bugfix.
- Implement your changes and test thoroughly.
- Submit a pull request with a detailed description of your changes.