SUMMARY
ISSUES SEVERITY
MANIFEST SCANNER
exported activity
MEDIUM
resources/AndroidManifest.xml
VULNERABILITIES
Weak Crypto Algorithms
MEDIUM
sources/org/bouncycastle/jcajce/provider/symmetric/DES.java
STRINGS
google api key
LOW
resources/res/values/strings.xml
ASSETS
url
LOW
resources/res/values/strings.xml
0 CRITICAL severity MANIFEST issues present
0 HIGH severity MANIFEST issues present
5 MEDIUM severity MANIFEST issues present
0 LOW severity MANIFEST issues present
0 INFO severity MANIFEST issues present
0 RESILIENCE severity MANIFEST issues present
0 CRITICAL severity VULNERABILITIES issues present
0 HIGH severity VULNERABILITIES issues present
30 MEDIUM severity VULNERABILITIES issues present
22 LOW severity VULNERABILITIES issues present
45 INFO severity VULNERABILITIES issues present
0 RESILIENCE severity VULNERABILITIES issues present
0 CRITICAL severity STRINGS issues present
0 HIGH severity STRINGS issues present
0 MEDIUM severity STRINGS issues present
553 LOW severity STRINGS issues present
0 INFO severity STRINGS issues present
0 RESILIENCE severity STRINGS issues present
0 CRITICAL severity ASSETS issues present
0 HIGH severity ASSETS issues present
0 MEDIUM severity ASSETS issues present
1151 LOW severity ASSETS issues present
0 INFO severity ASSETS issues present
0 RESILIENCE severity ASSETS issues present
ISSUES
Weak Crypto Algorithms - 5 issues
Non-parameterized SQL Query - 14 issues
Super user privileges may be requested - 5 issues
Possible Object Deserialization - 7 issues
Possible Task Hijacking - 6 issues
WebView ignores SSL errors - 1 issues
CBC Padding Oracle Attack Possible - 10 issues
Accept Self Signed Certificate - 4 issues
Insecure Random Used - 45 issues
MALWARES
0
MALWARES
APKiD
18
APKiD
STRINGS
Google API Key - 2 matches
Possible Secret Detected - 9 matches
Unknown High Entropy String - 533 matches
Possible UUID - 9 matches
ASSETS
URL - 246 matches
Hostname - 139 matches
File path - 197 matches
REST API - 233 matches
Filename - 40 matches
Relative Endpoint - 1 matches
PERMISSIONS SUMMARY
Permissions
Count
Safe
13
Risky
13
Dangerous
2
ASSETS WORDCLOUD
www.federalbank.co.in - 1 count
www.zetetic.net - 1 count
github.com - 1 count
bit.karza.in - 1 count
epifi-icons.s3.ap-south-1.amazonaws.com - 14 count
play.google.com - 2 count
api.rudderlabs.com - 2 count
hosted.rudderlabs.com - 1 count
ct.googleapis.com - 1 count
ct.cloudflare.com - 1 count
yeti2023.ct.digicert.com - 1 count
yeti2024.ct.digicert.com - 1 count
yeti2025.ct.digicert.com - 1 count
nessie2023.ct.digicert.com - 1 count
nessie2024.ct.digicert.com - 1 count
TRACKERS
4
TRACKERS
THIRD PARTY LIBRARIES
89
THIRD PARTY LIBRARIES
CONTACT
Website
Email
HIDE REPORT
Are you the developer or owner of this app? Choose to keep your report private from BeVigil's Search for 30 days.