SUMMARY
ISSUES SEVERITY
MANIFEST SCANNER
exported activity
MEDIUM
resources/AndroidManifest.xml
VULNERABILITIES
Weak Crypto Algorithms
MEDIUM
sources/com/blankj/utilcode/util/EncryptUtils.java
STRINGS
google api key
LOW
resources/res/values/strings.xml
ASSETS
file path
LOW
resources/AndroidManifest.xml
0 CRITICAL severity MANIFEST issues present
0 HIGH severity MANIFEST issues present
7 MEDIUM severity MANIFEST issues present
0 LOW severity MANIFEST issues present
0 INFO severity MANIFEST issues present
0 RESILIENCE severity MANIFEST issues present
0 CRITICAL severity VULNERABILITIES issues present
1 HIGH severity VULNERABILITIES issues present
31 MEDIUM severity VULNERABILITIES issues present
23 LOW severity VULNERABILITIES issues present
28 INFO severity VULNERABILITIES issues present
0 RESILIENCE severity VULNERABILITIES issues present
0 CRITICAL severity STRINGS issues present
0 HIGH severity STRINGS issues present
43 MEDIUM severity STRINGS issues present
1789 LOW severity STRINGS issues present
0 INFO severity STRINGS issues present
0 RESILIENCE severity STRINGS issues present
0 CRITICAL severity ASSETS issues present
0 HIGH severity ASSETS issues present
5 MEDIUM severity ASSETS issues present
5940 LOW severity ASSETS issues present
0 INFO severity ASSETS issues present
0 RESILIENCE severity ASSETS issues present
ISSUES
Weak Crypto Algorithms - 3 issues
Non-parameterized SQL Query - 8 issues
Accepting all SSL certificates - 1 issues
Tapjacking attack prevention by app - 1 issues
Possible Object Deserialization - 11 issues
CBC Padding Oracle Attack Possible - 1 issues
Accept Self Signed Certificate - 12 issues
Insecure Pending Intent - 1 issues
WebView ignores SSL errors - 1 issues
Insecure Random Used - 28 issues
Use of SafetyNet API for device integrity check by app - 3 issues
Remote WebView debugging enabled - 2 issues
WebView javascript enabled - 4 issues
Check for rooted device by app - 3 issues
Storage of sensitive information in Shared Preferences - 4 issues
MALWARES
0
MALWARES
APKiD
8
APKiD
STRINGS
Google API Key - 3 matches
Generic API Key - 2 matches
Generic Basic Auth token - 1 matches
Possible Secret Detected - 42 matches
Possible UUID - 1772 matches
Unknown High Entropy String - 12 matches
ASSETS
File path - 2001 matches
URL - 1228 matches
REST API - 648 matches
Hostname - 719 matches
Relative Endpoint - 742 matches
Filename - 482 matches
PERMISSIONS SUMMARY
Permissions
Count
Safe
14
Risky
12
Dangerous
0
ASSETS WORDCLOUD
hdfcnewfcm.firebaseio.com - 1 count
play.google.com - 11 count
www.hdfcbank.com - 48 count
leads.hdfcbank.com - 2 count
apply.hdfcbank.com - 5 count
cbuat.hdfcbank.com - 1 count
www.backbase.com - 216 count
portaluat.hdfcbank.com - 17 count
applyonline.hdfcbank.com - 3 count
hdfc-uat-04.adobecqms.net - 1 count
mycards.hdfcbank.com - 1 count
www.sihub.in - 1 count
hbchat.senseforth.com - 2 count
api.whatsapp.com - 2 count
pzlive.page.link - 2 count
TRACKERS
8
TRACKERS
THIRD PARTY LIBRARIES
79
THIRD PARTY LIBRARIES
CONTACT
Website
Email
HIDE REPORT
Are you the developer or owner of this app? Choose to keep your report private from BeVigil's Search for 30 days.