SUMMARY
ISSUES SEVERITY
MANIFEST SCANNER
exported activity
MEDIUM
resources/AndroidManifest.xml
VULNERABILITIES
Weak Crypto Algorithms
MEDIUM
sources/org/apache/pdfbox/pdfwriter/COSWriter.java
STRINGS
razorpay key id
LOW
resources/AndroidManifest.xml
ASSETS
url
LOW
resources/res/values/strings.xml
0 CRITICAL severity MANIFEST issues present
0 HIGH severity MANIFEST issues present
13 MEDIUM severity MANIFEST issues present
0 LOW severity MANIFEST issues present
0 INFO severity MANIFEST issues present
0 RESILIENCE severity MANIFEST issues present
0 CRITICAL severity VULNERABILITIES issues present
1 HIGH severity VULNERABILITIES issues present
18 MEDIUM severity VULNERABILITIES issues present
42 LOW severity VULNERABILITIES issues present
27 INFO severity VULNERABILITIES issues present
0 RESILIENCE severity VULNERABILITIES issues present
0 CRITICAL severity STRINGS issues present
0 HIGH severity STRINGS issues present
64 MEDIUM severity STRINGS issues present
87 LOW severity STRINGS issues present
0 INFO severity STRINGS issues present
0 RESILIENCE severity STRINGS issues present
0 CRITICAL severity ASSETS issues present
0 HIGH severity ASSETS issues present
9 MEDIUM severity ASSETS issues present
3568 LOW severity ASSETS issues present
0 INFO severity ASSETS issues present
0 RESILIENCE severity ASSETS issues present
ISSUES
Weak Crypto Algorithms - 4 issues
Non-parameterized SQL Query - 1 issues
Accepting all SSL certificates - 1 issues
Super user privileges may be requested - 4 issues
object_deserialization - 11 issues
android_ssl_pinning_good - 4 issues
insecure_activity_start - 5 issues
insecure_random_java - 23 issues
accept_self_signed_cert - 8 issues
cbc_padding_oracle - 5 issues
insecure_broadcast - 1 issues
WebView javascript enabled - 6 issues
Check for rooted device by app - 7 issues
Storage of sensitive information in Shared Preferences - 4 issues
Use of SafetyNet API for device integrity check by app - 3 issues
Remote WebView debugging enabled - 1 issues
MALWARES
0
MALWARES
APKiD
6
APKiD
STRINGS
razorpay_key_id - 4 matches
google_api_key - 2 matches
generic_api_key - 2 matches
atlassian_api_key - 2 matches
possible_secret - 62 matches
unknown_high_entropy_string - 71 matches
ASSETS
url - 319 matches
host - 164 matches
file_path - 322 matches
filename - 57 matches
relative_endpoint - 131 matches
rest_api - 630 matches
PERMISSIONS SUMMARY
Permissions
Count
Safe
15
Risky
12
Dangerous
1
ASSETS WORDCLOUD
getandy.xyz - 1 count
assets.juspay.in - 2 count
buddy-d1a.firebaseio.com - 1 count
logs.juspay.in - 3 count
debug.logs.juspay.net - 2 count
yellowmessenger.github.io - 1 count
play.google.com - 3 count
api.rudderlabs.com - 1 count
hosted.rudderlabs.com - 1 count
slicepay.in - 1 count
app.yellowmessenger.com - 3 count
d3e0hckk6jr53z.cloudfront.net - 1 count
sandbox.juspay.in - 1 count
api.juspay.in - 1 count
res.cloudinary.com - 5 count
TRACKERS
7
TRACKERS
THIRD PARTY LIBRARIES
90
THIRD PARTY LIBRARIES
CONTACT
Website
Email
HIDE REPORT
Are you the developer or owner of this app? Choose to keep your report private from BeVigil's Search for 30 days.