SUMMARY
ISSUES SEVERITY
MANIFEST SCANNER
exported activity
MEDIUM
resources/AndroidManifest.xml
VULNERABILITIES
Weak Crypto Algorithms
MEDIUM
sources/com/freshchat/consumer/sdk/j/aa.java
STRINGS
generic basic auth token
MEDIUM
sources/com/j256/ormlite/misc/JavaxPersistence.java
ASSETS
file path
LOW
resources/res/values/strings.xml
0 CRITICAL severity MANIFEST issues present
0 HIGH severity MANIFEST issues present
7 MEDIUM severity MANIFEST issues present
0 LOW severity MANIFEST issues present
0 INFO severity MANIFEST issues present
0 RESILIENCE severity MANIFEST issues present
0 CRITICAL severity VULNERABILITIES issues present
0 HIGH severity VULNERABILITIES issues present
57 MEDIUM severity VULNERABILITIES issues present
41 LOW severity VULNERABILITIES issues present
48 INFO severity VULNERABILITIES issues present
0 RESILIENCE severity VULNERABILITIES issues present
0 CRITICAL severity STRINGS issues present
4 HIGH severity STRINGS issues present
28 MEDIUM severity STRINGS issues present
575 LOW severity STRINGS issues present
0 INFO severity STRINGS issues present
0 RESILIENCE severity STRINGS issues present
0 CRITICAL severity ASSETS issues present
0 HIGH severity ASSETS issues present
6 MEDIUM severity ASSETS issues present
2316 LOW severity ASSETS issues present
0 INFO severity ASSETS issues present
0 RESILIENCE severity ASSETS issues present
ISSUES
Weak Crypto Algorithms - 16 issues
Non-parameterized SQL Query - 11 issues
Tapjacking attack prevention by app - 2 issues
object_deserialization - 9 issues
insecure_pending_intent - 1 issues
webview_ignores_ssl_errors - 2 issues
insecure_random_java - 48 issues
accept_self_signed_cert - 9 issues
cbc_padding_oracle - 13 issues
WebView javascript enabled - 8 issues
Sensitive Information in Logs - 8 issues
WebView javascript and file access enabled - 3 issues
Remote WebView debugging enabled - 1 issues
Frida server detection by app - 1 issues
Check for rooted device by app - 5 issues
Storage of sensitive information in Shared Preferences - 6 issues
Use of SafetyNet API for device integrity check by app - 3 issues
MALWARES
0
MALWARES
APKiD
4
APKiD
STRINGS
generic_basic_auth_token - 4 matches
aws_pool_id - 1 matches
google_api_key - 4 matches
possible_secret - 24 matches
unknown_high_entropy_string - 566 matches
possible_uuid - 8 matches
ASSETS
file_path - 416 matches
url - 247 matches
host - 153 matches
relative_endpoint - 809 matches
rest_api - 420 matches
filename - 41 matches
PERMISSIONS SUMMARY
Permissions
Count
Safe
9
Risky
9
Dangerous
0
ASSETS WORDCLOUD
www.goalwise.com - 4 count
blog.goalwise.com - 1 count
goalwise.com - 1 count
goalwise.typeform.com - 1 count
github.com - 3 count
play.google.com - 5 count
staging.goalwise.com - 1 count
butler.razorpay.com - 1 count
cdn.razorpay.com - 2 count
lumberjack.razorpay.com - 1 count
www.goniyo.com - 14 count
firebasedynamiclinks.googleapis.com - 1 count
niyox.page.link - 2 count
uat-equitas.fnpaas.com - 2 count
s3-ap-southeast-1.amazonaws.com - 1 count
TRACKERS
7
TRACKERS
THIRD PARTY LIBRARIES
139
THIRD PARTY LIBRARIES
CONTACT
Website
Email
HIDE REPORT
Are you the developer or owner of this app? Choose to keep your report private from BeVigil's Search for 30 days.