Beetlebug is a beginner-friendly Capture the Flag Android application that aims to inspire interest in Mobile Application Security. It is geared towards developers, mobile penetration testers and bug hunters. Features include tracking user’s progress, flag completion state, and so much more!
- Hardcoded Secrets
- Insecure Data Storage
- Sensitive Information Disclosure
- Vulnerable Android IPC Components (Broadcast Receivers, Services & Content Providers)
- Vulnerable Webviews
- Fingerprint Authentication By-pass
- Insecure Deeplinks
- Firebase Database Misconfiguration
- SQLite Injection
- Input Validation (XSS)
You can compile the source code in Android Studio or use the button below to download the APK file.
I would love to hear from you about your experience with Beetlebug. Please send me an email at security@hafiz.ng with your feedback and possible ways to improve the app.