Nathan is a 5.1.1 SDK 22 AOSP Android emulator customized to perform mobile security assessment.
Nathan android emulator is equipped and pre installed with the following modules, framework & tools :
1. Xposed Framework
2. SSLUnpinning : To bypass SSL Certificate pinning.
4. Inspeckage : To perform the dynamic analysis of an application.
4. RootCloak : To bypass root detection.
5. SuperSU: Superuser access management tool.
6. Drozer : Comprehensive security and attack framework for Android
> Only python 2.7.x required
> Hooking ready with Xposed
> Pre-installed tools for application analysis
> Fully customizable
> Snapshot and restore of user data
Download it from GitHub :
$ git clone https://github.com/mseclab/nathan/
$ cd nathan
$ ./nathan.py init
After running it for the first time, If a proxy is required to download the firmware files then, the parameter -dp is available :
$ ./nathan.py init -dp 127.0.0.1
The init command will download all the files required to run use Nathan Emulator.
$ ./nathan.py start
To redirect the traffic through a proxy, you can use the -p parameter.
$ ./nathan.py start -p http://127.0.0.1:8080
Every time when you will start the emulator, a temporary copy of system image is created and each changes made to system data is lost when the Nathan emulator is powered off.
You can use the freeze command to permanent the changes :
$ ./nathan.py freeze
To Push files from a folder to a running Emulator, you can use the push command :
$ ./nathan.py push -f folder
The complete list of command is :
usage: nathan.py [-h] [-v] [-a ARCH]
If you liked this post, share it with your friends.