The Android security testing framework formerly known as Mercury—and now called drozer—was released recently by MWR InfoSecurity. With drozer, companies using Android mobile devices now can safeguard their assets and IT infrastructure by running full, dynamic security assessments. A new drozer feature is the ability to compromise Android devices through publicly available exploits, something that helps organizations understand how a technical vulnerability on a mobile device can become a real threat to their business. Drozer unifies these publicly available exploits into a single framework and improves the quality of the exploitation code and payloads available to the penetration tester. Drozer provides support for any Android device running Android 2.1 and beyond, covering 99% of the devices in the market. The open-source tool is available to download from the MWR Labs Web site.
