CloudSEK logo
AboutAsset ExplorerContactBlogScan App
LOGIN
keepass2android.keepass2android

Keepass2Android Password Safe

keepass2android.keepass2android (1.14-r4)

Security Rating
7.2
AVERAGE
DOWNLOAD REPORT
VIEW CERTIFICATE
HIDE REPORT
SHARE
Use BeVigil on your Phone
Download the BeVigil App
BeVigil playstore
BeVigil playstore
OPEN REPORT MENU
SUMMARY
ISSUES SEVERITY
MANIFEST SCANNER
exported activity
MEDIUM
resources/AndroidManifest.xml
VULNERABILITIES
weak crypto algorithms
LOW
sources/com/jcraft/jsch/jce/ARCFOUR128.java
STRINGS
possible uuid
LOW
resources/AndroidManifest.xml
ASSETS
file path
LOW
resources/res/values/strings.xml
0 CRITICAL severity MANIFEST issues present
0 HIGH severity MANIFEST issues present
19 MEDIUM severity MANIFEST issues present
0 LOW severity MANIFEST issues present
0 INFO severity MANIFEST issues present
0 RESILIENCE severity MANIFEST issues present
0 CRITICAL severity VULNERABILITIES issues present
0 HIGH severity VULNERABILITIES issues present
22 MEDIUM severity VULNERABILITIES issues present
6 LOW severity VULNERABILITIES issues present
20 INFO severity VULNERABILITIES issues present
0 RESILIENCE severity VULNERABILITIES issues present
0 CRITICAL severity STRINGS issues present
0 HIGH severity STRINGS issues present
0 MEDIUM severity STRINGS issues present
19 LOW severity STRINGS issues present
0 INFO severity STRINGS issues present
0 RESILIENCE severity STRINGS issues present
0 CRITICAL severity ASSETS issues present
0 HIGH severity ASSETS issues present
0 MEDIUM severity ASSETS issues present
1354 LOW severity ASSETS issues present
0 INFO severity ASSETS issues present
0 RESILIENCE severity ASSETS issues present
ISSUES
Weak Crypto Algorithms - 4 issues
Non-parameterized SQL Query - 1 issues
Accepting all SSL certificates - 2 issues
Possible Task Hijacking - 1 issues
Possible Object Deserialization - 1 issues
Accept Self Signed Certificate - 10 issues
Insecure Random Used - 19 issues
CBC Padding Oracle Attack Possible - 1 issues
Storage of sensitive information in Shared Preferences - 3 issues
Sensitive Information in Logs - 5 issues
Check for rooted device by app - 1 issues
MALWARES
0
MALWARES
APKiD
3
APKiD
STRINGS
Possible UUID - 5 matches
Possible Secret Detected - 11 matches
Unknown High Entropy String - 3 matches
ASSETS
File path - 36 matches
URL - 56 matches
Hostname - 28 matches
REST API - 737 matches
Filename - 2 matches
IP URL - 1 matches
PERMISSIONS SUMMARY
Permissions
Count
Safe
6
Risky
3
Dangerous
0
ASSETS WORDCLOUD
github.com - 1 count
crowdin.net - 1 count
philipp.crocoll.net - 1 count
openintents.googlecode.com - 1 count
www.googleapis.com - 8 count
xmlpull.org - 1 count
my.pcloud.com - 1 count
api.pcloud.com - 1 count
accounts.google.com - 4 count
oauth2.googleapis.com - 1 count
www.haibison.com - 1 count
support.google.com - 1 count
plus.google.com - 1 count
google.com - 1 count
developers.google.com - 1 count
TRACKERS
1
TRACKERS
OpenTelemetry (OpenCensus, OpenTracing)
THIRD PARTY LIBRARIES
59
THIRD PARTY LIBRARIES
Checker Framework
Android PackageManager
Android Support Library
Android Support v4
Jetpack Activity
Jetpack Annotation
AppCompat
Arch
Jetpack Autofill
Biometric
Browser
Jetpack API
Jetpack UI
Androidx Core
CONTACT
Website
https://github.com/PhilippC/keepass2android
Email
[email protected]
HIDE REPORT
Are you the developer or owner of this app? Choose to keep your report private from BeVigil's Search for 30 days.
HIDE
Keepass2Android is an open source password manager application for Android. It is compatible with the popular KeePass 2.x Password Safe for Windows and aims at simple synchronization between devices. Some highlights of the app: * Stores all your passwords in a securely encrypted vault * compatible with KeePass (v1 and v2), KeePassXC, MiniKeePass and many other KeePass ports * QuickUnlock: Unlock your database once with your full password, re-open it by typing just a few characters - or your fingerprint * Synchronize your vault using the cloud or your own server (Dropbox, Google Drive, SFTP, WebDAV and many more). You can use Keepass2Android Offline if you don t need this feature. * AutoFill service and integrated soft-keyboard to safely and easily pass the passwords to websites and apps * Many advanced features, e.g. support for AES/ChaCha20/TwoFish encryption, several TOTP variants, unlock with Yubikey, entry templates, child databases for sharing passwords and more * Free and Open-Source Bug reports and feature suggestions: https://github.com/PhilippC/keepass2android/ Documentation: https://github.com/PhilippC/keepass2android/blob/master/docs/Documentation.md Explanation regarding required permissions: https://github.com/PhilippC/keepass2android/blob/master/docs/Privacy-Policy.md