Update tools for consistency, deprecate MASTG-TOOL-0008, MASTG-TOOL-0027, MASTG-TOOL-0051 and introduce MASTG-TOOL-0149 (LSPosed) (#3705)

* Update tools for consistency

* Add sources

* Fix linting

* Fix links

* Rename 0149

* Add correct references for LSPosed

* Update drozer link

* Fix frida links

* Apply suggestions from code review

* Fix URLs

* Update tools/android/MASTG-TOOL-0027.md

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

* Fix withsecure references

* typo

* Apply suggestions from code review

---------

Co-authored-by: Jeroen <thedauntless@gmail.com>
Co-authored-by: Carlos Holguera <perezholguera@gmail.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

Author: 4 people

tools/android/MASTG-TOOL-0001.md

@@ -1,6 +1,7 @@
 ---
-title: Frida for Android
+title: Frida (Android)
 platform: android
+source: https://github.com/frida/frida
 ---
 
 Frida supports interaction with the Android Java runtime through the [Java API](https://www.frida.re/docs/javascript-api/#java "Frida - Java API"). You'll be able to hook and call both Java and native functions inside the process and its native libraries. Your JavaScript snippets have full access to memory, e.g. to read and/or write any structured data.
@@ -15,16 +16,13 @@ Here are some tasks that Frida APIs offer and are relevant or exclusive to Andro
 
 Remember that on Android, you can also benefit from the built-in tools provided when installing Frida, which include the Frida CLI (`frida`), `frida-ps`, `frida-ls-devices`, and `frida-trace`, to name some of them.
 
-Frida is often compared to Xposed. However, this comparison is far from fair, as both frameworks were designed with different goals in mind. This is important to understand as an app security tester so that you can know which framework to use in which situation:
+Frida is often compared to @MASTG-TOOL-0027 or @MASTG-TOOL-0149. However, this comparison is far from fair, as both frameworks were designed with different goals in mind. This is important to understand as an app security tester so that you can know which framework to use in which situation:
 
 - Frida is standalone. All you need is to run the frida-server binary from a known location in your target Android device (see "Installing Frida" below). This means that, in contrast to Xposed, it is not _deep_ installed in the target OS.
 - Reversing an app is an iterative process. As a consequence of the previous point, you obtain a shorter feedback loop when testing, as you don't need to (soft) reboot to apply or simply update your hooks. So you might prefer to use Xposed when implementing more permanent hooks.
 - You may inject and update your Frida JavaScript code on the fly at any point during the runtime of your process (similarly to Cycript on iOS). This way, you can perform the so-called _early instrumentation_ by letting Frida spawn your app, or you may prefer to attach to a running app that you might have brought to a certain state.
 - Frida can handle both Java and native code (JNI), allowing you to modify both of them. This is, unfortunately, a limitation of Xposed, which lacks native code support.
 
-!!! note
-    Xposed, as of early 2019, does not yet work on Android 9 (API level 28).
-
 ## Installing Frida on Android
 
 In order to set up Frida on your Android device:

tools/android/MASTG-TOOL-0002.md

@@ -1,5 +1,5 @@
 ---
-title: MobSF for Android
+title: MobSF (Android)
 platform: android
 source: https://github.com/MobSF/Mobile-Security-Framework-MobSF
 ---

tools/android/MASTG-TOOL-0003.md

@@ -1,6 +1,7 @@
 ---
-title: nm - Android
+title: nm (Android)
 platform: android
+source: https://ftp.gnu.org/gnu/binutils/
 ---
 
-nm is a tool that displays the name list (symbol table) of the given binary. You can find here more information for the [Android (GNU)](<https://ftp.gnu.org/old-gnu/Manuals/binutils-2.12/html_node/binutils_4.html> "nm -binutils") version.
+nm is a tool that displays the name list (symbol table) of the given binary. [More information for the Android (GNU)](https://ftp.gnu.org/old-gnu/Manuals/binutils-2.12/html_node/binutils_4.html "nm -binutils") version.

tools/android/MASTG-TOOL-0004.md

@@ -1,9 +1,10 @@
 ---
 title: adb
 platform: android
+source: https://developer.android.com/studio/command-line/adb
 ---
 
-[adb](https://developer.android.com/studio/command-line/adb "Android Debug Bridge") (Android Debug Bridge), shipped with the Android SDK, bridges the gap between your local development environment and a connected Android device. You'll usually leverage it to test apps on the emulator or a connected device via USB or Wi-Fi. Use the `adb devices` command to list the connected devices and execute it with the `-l` argument to retrieve more details on them.
+adb, shipped with the Android SDK, bridges the gap between your local development environment and a connected Android device. You'll usually leverage it to test apps on the emulator or a connected device via USB or Wi-Fi. Use the `adb devices` command to list the connected devices and execute it with the `-l` argument to retrieve more details on them.
 
 ```bash
 $ adb devices -l

tools/android/MASTG-TOOL-0005.md

@@ -1,6 +1,7 @@
 ---
 title: Android NDK
 platform: android
+source: https://developer.android.com/ndk/guides/standalone_toolchain
 ---
 
 The Android NDK contains prebuilt versions of the native compiler and toolchain. Both the GCC and Clang compilers have traditionally been supported, but active support for GCC ended with NDK revision 14. The device architecture and host OS determine the appropriate version. The prebuilt toolchains are in the `toolchains` directory of the NDK, which contains one subdirectory for each architecture.

tools/android/MASTG-TOOL-0006.md

@@ -1,6 +1,7 @@
 ---
 title: Android SDK
 platform: android
+source: https://developer.android.com/tools/releases/platform-tools
 ---
 
 Local Android SDK installations are managed via Android Studio. Create an empty project in Android Studio and select **Tools** -> **SDK Manager** to open the SDK Manager GUI. The **SDK Platforms** tab is where you install SDKs for multiple API levels. Recent API levels are:

tools/android/MASTG-TOOL-0007.md

@@ -1,6 +1,7 @@
 ---
 title: Android Studio
 platform: android
+source: https://developer.android.com/studio/index.html
 ---
 
-The official IDE for Google's Android operating system, built on JetBrains' IntelliJ IDEA software and designed specifically for Android development - <https://developer.android.com/studio/index.html>
+Android Studio is the official IDE for Google's Android operating system, built on JetBrains' IntelliJ IDEA software and designed specifically for Android development.

tools/android/MASTG-TOOL-0008.md

@@ -1,7 +1,10 @@
 ---
 title: Android-SSL-TrustKiller
 platform: android
+status: deprecated
+deprecation_note: The Cydia Substrate framework for Android is no longer maintained, and the last update was in 2015. As a result, Android-SSL-TrustKiller is not compatible with modern Android versions and should not be used for testing SSL certificate pinning bypasses on current devices.
+covered_by: [MASTG-TOOL-0020, MASTG-TOOL-0025, MASTG-TOOL-0029, MASTG-TOOL-0140]
 source: https://github.com/iSECPartners/Android-SSL-TrustKiller
 ---
 
-Android-SSL-TrustKiller is a Cydia Substrate Module acting as a blackbox tool to bypass SSL certificate pinning for most applications running on a device - <https://github.com/iSECPartners/Android-SSL-TrustKiller>
+Android-SSL-TrustKiller is a Cydia Substrate Module acting as a blackbox tool to bypass SSL certificate pinning for most applications running on a device.

tools/android/MASTG-TOOL-0009.md

@@ -4,11 +4,11 @@ platform: android
 source: https://github.com/rednaga/APKiD
 ---
 
-[APKiD](https://github.com/rednaga/APKiD) gives you information about how an APK was made. It identifies many compilers, packers, obfuscators, and other weird stuff.
+APKiD gives you information about how an APK was made. It identifies many compilers, packers, obfuscators, and other weird stuff.
 
 For more information on what this tool can be used for, check out:
 
-- [Android Compiler Fingerprinting](http://hitcon.org/2016/CMT/slide/day1-r0-e-1.pdf)
-- [Detecting Pirated and Malicious Android Apps with APKiD](http://rednaga.io/2016/07/31/detecting_pirated_and_malicious_android_apps_with_apkid/)
+- [Android Compiler Fingerprinting](https://hitcon.org/2016/CMT/slide/day1-r0-e-1.pdf)
+- [Detecting Pirated and Malicious Android Apps with APKiD](https://rednaga.io/2016/07/31/detecting_pirated_and_malicious_android_apps_with_apkid/)
 - [APKiD: PEiD for Android Apps](https://github.com/enovella/cve-bio-enovella/blob/master/slides/bheu18-enovella-APKID.pdf)
 - [APKiD: Fast Identification of AppShielding Products](https://github.com/enovella/cve-bio-enovella/blob/master/slides/APKiD-NowSecure-Connect19-enovella.pdf)

tools/android/MASTG-TOOL-0010.md

@@ -4,6 +4,6 @@ platform: android
 source: https://github.com/APKLab/APKLab
 ---
 
-[APKLab](https://github.com/APKLab/APKLab "APKLab") is a convenient Visual Studio Code extension leveraging tools such as @MASTG-TOOL-0011 and @MASTG-TOOL-0018 to enable features including app unpacking, decompilation, code patching (e.g. for MITM), and repackaging straight from the IDE.
+APKLab is a Visual Studio Code extension leveraging tools such as @MASTG-TOOL-0011 and @MASTG-TOOL-0018 to enable features including app unpacking, decompilation, code patching (e.g. for MITM), and repackaging straight from the IDE.
 
 For more information, you can refer to [APKLab's official documentation](https://apklab.surendrajat.xyz/).