OPEN REPORT MENU
SUMMARY
ISSUES SEVERITY
MANIFEST SCANNER
NA
NA
NA
VULNERABILITIES
Weak Crypto Algorithms
MEDIUM
sources/com/freshchat/consumer/sdk/j/aa.java
STRINGS
google api key
LOW
resources/res/values/strings.xml
ASSETS
file path
LOW
resources/AndroidManifest.xml
0 CRITICAL severity MANIFEST issues present
0 HIGH severity MANIFEST issues present
0 MEDIUM severity MANIFEST issues present
0 LOW severity MANIFEST issues present
0 INFO severity MANIFEST issues present
0 RESILIENCE severity MANIFEST issues present
0 CRITICAL severity VULNERABILITIES issues present
0 HIGH severity VULNERABILITIES issues present
17 MEDIUM severity VULNERABILITIES issues present
15 LOW severity VULNERABILITIES issues present
13 INFO severity VULNERABILITIES issues present
0 RESILIENCE severity VULNERABILITIES issues present
0 CRITICAL severity STRINGS issues present
0 HIGH severity STRINGS issues present
19 MEDIUM severity STRINGS issues present
25 LOW severity STRINGS issues present
0 INFO severity STRINGS issues present
0 RESILIENCE severity STRINGS issues present
0 CRITICAL severity ASSETS issues present
0 HIGH severity ASSETS issues present
13 MEDIUM severity ASSETS issues present
430 LOW severity ASSETS issues present
0 INFO severity ASSETS issues present
0 RESILIENCE severity ASSETS issues present
ISSUES
Weak Crypto Algorithms - 6 issues
Non-parameterized SQL Query - 3 issues
Tapjacking attack prevention by app - 1 issues
Possible Object Deserialization - 2 issues
CBC Padding Oracle Attack Possible - 7 issues
Accept Self Signed Certificate - 6 issues
Insecure Pending Intent - 1 issues
SSL pinning by app - 1 issues
Insecure Random Used - 12 issues
Check for rooted device by app - 4 issues
WebView javascript enabled - 1 issues
Storage of sensitive information in Shared Preferences - 1 issues
MALWARES
0
MALWARES
APKiD
2
APKiD
STRINGS
Google API Key - 3 matches
AWS Pool ID - 1 matches
Possible Secret Detected - 19 matches
Unknown High Entropy String - 10 matches
Possible UUID - 11 matches
ASSETS
File path - 139 matches
Filename - 7 matches
REST API - 49 matches
URL - 132 matches
Hostname - 85 matches
Relative Endpoint - 2 matches
PERMISSIONS SUMMARY
Permissions
Count
Safe
8
Risky
8
Dangerous
0
ASSETS WORDCLOUD
niyo-global.firebaseio.com - 1 count
niyopay.zendesk.com - 1 count
api.goniyo.com - 10 count
my.goniyo.com - 5 count
www.facebook.com - 2 count
twitter.com - 2 count
wa.me - 1 count
play.google.com - 2 count
www.hrblock.in - 1 count
www.goniyo.com - 1 count
s3.ap-south-1.amazonaws.com - 8 count
campaigns.goniyo.com - 1 count
www.mfine.co - 1 count
www.bharti-axagi.co.in - 1 count
qadbr.remit.in - 1 count
TRACKERS
4
TRACKERS
CleverTap
Google CrashLytics
Google Firebase Analytics
Wootric
THIRD PARTY LIBRARIES
59
THIRD PARTY LIBRARIES
Android Support v4
Jetpack Activity
Jetpack Annotation
AppCompat
Arch
Browser
Jetpack API
Jetpack UI
Androidx Core
Exifinterface
androidx.legacy
Lifecycle
Loader
Media
HIDE REPORT
Are you the developer or owner of this app? Choose to keep your report private from BeVigil's Search for 30 days.
HIDE
A smart companion for all your travels. (Powered By DCB Bank)<br><br>With Zero forex markup, Niyo offers much more than your typical travel card. We prioritise user-friendliness. With amazing features including In-app Card Controls, Currency Converter and ATM Locator. <br><br>What&#39;s more, your card will work seamlessly in 150+ countries!<br><br>We don&#39;t just take pride in what we&#39;ve built, we are also committed to continue creating an experience worth loving. We strive to create fans, not customers, be it with our products, services, or marketing efforts.