hardax 5.2.1__tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (39) hide show
  1. hardax-5.2.1/LICENSE +21 -0
  2. hardax-5.2.1/PKG-INFO +415 -0
  3. hardax-5.2.1/README.md +354 -0
  4. hardax-5.2.1/hardax/__init__.py +2453 -0
  5. hardax-5.2.1/hardax/__main__.py +5 -0
  6. hardax-5.2.1/hardax/commands/adb_security.json +43 -0
  7. hardax-5.2.1/hardax/commands/apps.json +451 -0
  8. hardax-5.2.1/hardax/commands/attestation.json +219 -0
  9. hardax-5.2.1/hardax/commands/automotive.json +189 -0
  10. hardax-5.2.1/hardax/commands/binary_hardening.json +369 -0
  11. hardax-5.2.1/hardax/commands/bluetooth.json +1312 -0
  12. hardax-5.2.1/hardax/commands/boot_security.json +184 -0
  13. hardax-5.2.1/hardax/commands/certificate_audit.json +229 -0
  14. hardax-5.2.1/hardax/commands/cis_benchmark.json +192 -0
  15. hardax-5.2.1/hardax/commands/cryptography.json +195 -0
  16. hardax-5.2.1/hardax/commands/cve_indicators.json +185 -0
  17. hardax-5.2.1/hardax/commands/device_management.json +122 -0
  18. hardax-5.2.1/hardax/commands/forensic_indicators.json +209 -0
  19. hardax-5.2.1/hardax/commands/input.json +86 -0
  20. hardax-5.2.1/hardax/commands/malware.json +184 -0
  21. hardax-5.2.1/hardax/commands/medical.json +70 -0
  22. hardax-5.2.1/hardax/commands/network.json +584 -0
  23. hardax-5.2.1/hardax/commands/nfc_security.json +70 -0
  24. hardax-5.2.1/hardax/commands/partition.json +330 -0
  25. hardax-5.2.1/hardax/commands/pos_security.json +232 -0
  26. hardax-5.2.1/hardax/commands/privacy.json +449 -0
  27. hardax-5.2.1/hardax/commands/selinux.json +419 -0
  28. hardax-5.2.1/hardax/commands/storage.json +229 -0
  29. hardax-5.2.1/hardax/commands/system.json +832 -0
  30. hardax-5.2.1/hardax/commands/usb_security.json +154 -0
  31. hardax-5.2.1/hardax/templates/report.html +713 -0
  32. hardax-5.2.1/hardax.egg-info/PKG-INFO +415 -0
  33. hardax-5.2.1/hardax.egg-info/SOURCES.txt +37 -0
  34. hardax-5.2.1/hardax.egg-info/dependency_links.txt +1 -0
  35. hardax-5.2.1/hardax.egg-info/entry_points.txt +2 -0
  36. hardax-5.2.1/hardax.egg-info/requires.txt +14 -0
  37. hardax-5.2.1/hardax.egg-info/top_level.txt +1 -0
  38. hardax-5.2.1/pyproject.toml +73 -0
  39. hardax-5.2.1/setup.cfg +4 -0
hardax-5.2.1/LICENSE ADDED
@@ -0,0 +1,21 @@
1
+ MIT License
2
+
3
+ Copyright (c) 2026 V33RU (Mr-IoT / IOTSRG)
4
+
5
+ Permission is hereby granted, free of charge, to any person obtaining a copy
6
+ of this software and associated documentation files (the "Software"), to deal
7
+ in the Software without restriction, including without limitation the rights
8
+ to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
9
+ copies of the Software, and to permit persons to whom the Software is
10
+ furnished to do so, subject to the following conditions:
11
+
12
+ The above copyright notice and this permission notice shall be included in all
13
+ copies or substantial portions of the Software.
14
+
15
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16
+ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17
+ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18
+ AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19
+ LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20
+ OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21
+ SOFTWARE.
hardax-5.2.1/PKG-INFO ADDED
@@ -0,0 +1,415 @@
1
+ Metadata-Version: 2.4
2
+ Name: hardax
3
+ Version: 5.2.1
4
+ Summary: Hardening Audit eXaminer: security configuration auditor for Android-based devices (POS, IoT, automotive, medical, kiosk)
5
+ Author-email: "V33RU (Mr-IoT, IOTSRG)" <v33raiot@gmail.com>
6
+ License: MIT License
7
+
8
+ Copyright (c) 2026 V33RU (Mr-IoT / IOTSRG)
9
+
10
+ Permission is hereby granted, free of charge, to any person obtaining a copy
11
+ of this software and associated documentation files (the "Software"), to deal
12
+ in the Software without restriction, including without limitation the rights
13
+ to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
14
+ copies of the Software, and to permit persons to whom the Software is
15
+ furnished to do so, subject to the following conditions:
16
+
17
+ The above copyright notice and this permission notice shall be included in all
18
+ copies or substantial portions of the Software.
19
+
20
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
21
+ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
22
+ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
23
+ AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
24
+ LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
25
+ OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
26
+ SOFTWARE.
27
+
28
+ Project-URL: Homepage, https://github.com/V33RU/hardax
29
+ Project-URL: Repository, https://github.com/V33RU/hardax
30
+ Project-URL: Issues, https://github.com/V33RU/hardax/issues
31
+ Project-URL: Releases, https://github.com/V33RU/hardax/releases
32
+ Keywords: android,security,audit,hardening,iot,pos,automotive,medical,adb,ssh,uart,penetration-testing
33
+ Classifier: Development Status :: 5 - Production/Stable
34
+ Classifier: Environment :: Console
35
+ Classifier: Intended Audience :: System Administrators
36
+ Classifier: Intended Audience :: Information Technology
37
+ Classifier: License :: OSI Approved :: MIT License
38
+ Classifier: Operating System :: POSIX :: Linux
39
+ Classifier: Operating System :: MacOS
40
+ Classifier: Operating System :: Microsoft :: Windows
41
+ Classifier: Programming Language :: Python :: 3
42
+ Classifier: Programming Language :: Python :: 3.11
43
+ Classifier: Programming Language :: Python :: 3.12
44
+ Classifier: Topic :: Security
45
+ Classifier: Topic :: System :: Systems Administration
46
+ Classifier: Topic :: Software Development :: Testing
47
+ Requires-Python: >=3.11
48
+ Description-Content-Type: text/markdown
49
+ License-File: LICENSE
50
+ Provides-Extra: ssh
51
+ Requires-Dist: paramiko>=2.7; extra == "ssh"
52
+ Provides-Extra: uart
53
+ Requires-Dist: pyserial>=3.5; extra == "uart"
54
+ Provides-Extra: certs
55
+ Requires-Dist: cryptography>=3.0; extra == "certs"
56
+ Provides-Extra: all
57
+ Requires-Dist: paramiko>=2.7; extra == "all"
58
+ Requires-Dist: pyserial>=3.5; extra == "all"
59
+ Requires-Dist: cryptography>=3.0; extra == "all"
60
+ Dynamic: license-file
61
+
62
+ <h1 align="center">HARDAX</h1>
63
+
64
+
65
+ <p align="center">
66
+ <img src="https://img.shields.io/badge/version-5.2.1-blue.svg" alt="Version">
67
+ <img src="https://img.shields.io/badge/python-3.11+-green.svg" alt="Python">
68
+ <img src="https://img.shields.io/badge/checks-706-orange.svg" alt="Checks">
69
+ <img src="https://img.shields.io/badge/categories-25-purple.svg" alt="Categories">
70
+ <img src="https://img.shields.io/badge/license-MIT-red.svg" alt="License">
71
+ <a href="https://github.com/V33RU/hardax/wiki">
72
+ <img src="https://img.shields.io/badge/wiki-documentation-lightgrey.svg" alt="Wiki">
73
+ </a>
74
+ </p>
75
+
76
+ <p align="center">
77
+ </p>
78
+
79
+ ![](https://raw.githubusercontent.com/V33RU/my-slides/refs/heads/main/images/report.png)
80
+
81
+ ---
82
+
83
+ ## Overview
84
+
85
+ **HARDAX** (Hardening Audit eXaminer) is a comprehensive security configuration auditor for Android-based devices. It performs **686 security checks** across **25 categories** to identify misconfigurations, vulnerabilities, and security weaknesses.
86
+
87
+ HARDAX is designed for:
88
+ - **Security Researchers** - Penetration testing and vulnerability assessment
89
+ - **IoT Security Teams** - Auditing Android-based IoT devices
90
+ - **POS Security Auditors** - PCI-DSS compliance verification for payment terminals
91
+ - **Enterprise Security** - MDM compliance verification
92
+ - **Developers** - Pre-release security validation
93
+
94
+ ---
95
+
96
+ ## Features
97
+
98
+ | Feature | Description |
99
+ |---------|-------------|
100
+ | **686 Security Checks** | Comprehensive coverage across 25 security categories |
101
+ | **POS/Payment Terminal Support** | 24 PCI-DSS focused checks for payment devices |
102
+ | **Malware & Hooking Detection** | 18 checks for rootkits, RATs, Frida, Xposed, keyloggers, memory scrapers |
103
+ | **Certificate Audit** | CA certificate analysis with expiry/age calculation - 27 checks |
104
+ | **Root Auto-Detection** | Detects root method (Magisk/SuperSU/su/ssh-root/uart-root) and adapts privilege escalation accordingly |
105
+ | **ADB Resilience** | 5-layer protection: connection check, auto-reconnect, timeout, SKIPPED status |
106
+ | **Triple Connection Modes** | ADB (USB/Network), SSH, and UART serial console support |
107
+ | **UART Shell Support** | Connect over serial console with auto baud detection, user/root shell identification |
108
+ | **SSH Root Awareness** | Detects when SSH session is already root - skips unnecessary `su` probing |
109
+ | **6 Status Levels** | SAFE, WARNING, CRITICAL, VERIFY, INFO, SKIPPED |
110
+ | **3 Report Formats** | TXT, CSV, HTML with interactive dashboard |
111
+ | **Smart False Positive Prevention** | Catches empty output, service unavailability, and transport errors - marks as SKIPPED not CRITICAL |
112
+ | **Extensible JSON Checks** | Easy to add custom security checks - drop JSON, run |
113
+ | **Beautiful CLI Output** | Color-coded real-time progress display |
114
+ | **Device Info Collection** | Automatic device fingerprinting |
115
+ | **Shell Environment Probe** | SSH mode probes busybox, toybox, getprop, bash availability on connect |
116
+
117
+ ---
118
+
119
+ ## Supported Devices
120
+
121
+ HARDAX works with any Android-based device accessible via ADB, SSH, or UART:
122
+
123
+ | Device Type | Examples |
124
+ |-------------|----------|
125
+ | **POS Terminals** | PAX, Verifone, Ingenico, Sunmi, Newland, Clover, Square |
126
+ | **Smartphones & Tablets** | Samsung, Pixel, OnePlus, Xiaomi, etc. |
127
+ | **IoT Devices** | Android Things, AOSP-based smart devices |
128
+ | **Collaboration Panels** | Poly, Neat, Webex Board |
129
+ | **Android Automotive** | Infotainment systems, head units |
130
+ | **Medical Devices** | Android-based clinical devices |
131
+ | **Industrial Android** | Rugged tablets, handheld scanners |
132
+ | **Android TV** | Smart TVs, set-top boxes |
133
+ | **Wearables** | Wear OS devices |
134
+
135
+ ---
136
+
137
+ ## Installation
138
+
139
+ ### Prerequisites
140
+
141
+ - Python 3.11 or higher
142
+ - ADB (Android Debug Bridge) installed and in PATH
143
+ - USB Debugging enabled on target device
144
+
145
+ ### Install with pip (recommended)
146
+
147
+ ```bash
148
+ # Core (ADB mode only)
149
+ pip install hardax
150
+
151
+ # With SSH support (paramiko)
152
+ pip install 'hardax[ssh]'
153
+
154
+ # With UART / serial support (pyserial)
155
+ pip install 'hardax[uart]'
156
+
157
+ # With certificate audit support (cryptography)
158
+ pip install 'hardax[certs]'
159
+
160
+ # Everything
161
+ pip install 'hardax[all]'
162
+ ```
163
+
164
+ After installation the `hardax` console command is available:
165
+
166
+ ```bash
167
+ adb devices
168
+ hardax
169
+ ```
170
+
171
+ ### Install from source (development)
172
+
173
+ ```bash
174
+ git clone https://github.com/V33RU/hardax.git
175
+ cd hardax
176
+ pip install -e '.[all]'
177
+
178
+ # Or run without installing
179
+ python3 -m hardax
180
+ ```
181
+
182
+ ---
183
+
184
+ ## Usage
185
+
186
+ ### Basic Usage (ADB)
187
+
188
+ ```bash
189
+ # Auto-detect connected device
190
+ hardax
191
+
192
+ # Show commands being executed
193
+ hardax --show-commands
194
+
195
+ # Load all check files from commands/ directory
196
+ hardax --json-dir commands
197
+
198
+ # Specify device by serial
199
+ hardax --serial DEVICE_SERIAL
200
+
201
+ # Custom output directory
202
+ hardax --out ./my_reports
203
+
204
+ # Skip certificate audit
205
+ hardax --skip-certs
206
+ ```
207
+
208
+ ### SSH Mode (Network)
209
+
210
+ ```bash
211
+ hardax --mode ssh --host 192.168.1.100 --ssh-user root --ssh-pass password
212
+ ```
213
+
214
+ ### UART Mode (Serial Console)
215
+
216
+ ```bash
217
+ # Auto-detect baud rate
218
+ hardax --mode uart --uart-port /dev/ttyUSB0
219
+
220
+ # Specify baud rate
221
+ hardax --mode uart --uart-port /dev/ttyUSB0 --baud 115200
222
+
223
+ # Windows
224
+ hardax --mode uart --uart-port COM3 --baud 115200
225
+ ```
226
+
227
+ ### Network ADB
228
+
229
+ ```bash
230
+ adb connect 192.168.1.100:5555
231
+ hardax --json-dir commands
232
+ ```
233
+
234
+ ### All Options
235
+
236
+ ```
237
+ usage: hardax [OPTIONS]
238
+
239
+ Options:
240
+ --version Show version
241
+ --mode {adb,ssh,uart} Connection mode (default: adb)
242
+ --serial SERIAL ADB device serial number
243
+ --host HOST SSH hostname/IP
244
+ --port PORT SSH port (default: 22)
245
+ --ssh-user USER SSH username
246
+ --ssh-pass PASS SSH password
247
+ --uart-port PORT UART serial port (e.g. /dev/ttyUSB0, COM3)
248
+ --baud RATE UART baud rate (0 = auto-detect, default: 0)
249
+ --json FILE Path to single JSON checks file
250
+ --json-dir DIR Directory with JSON check files
251
+ --out DIR Output directory (default: hardax_output)
252
+ --progress-numbers Show numeric progress counter
253
+ --show-commands Display each command being executed
254
+ --skip-certs Skip certificate audit
255
+
256
+ Hidden debug flags (prefix before other args):
257
+ --net-debug Verbose network check output
258
+ --net-strict Strict network check mode
259
+ --cert-debug Verbose certificate audit output
260
+ --cert-limit N Limit certificate files scanned (default: 50)
261
+ ```
262
+
263
+ ---
264
+
265
+ ## Security Categories
266
+
267
+ HARDAX organizes **686 checks** into **25 security categories**:
268
+
269
+ | Category | Checks | Description |
270
+ |----------|--------|-------------|
271
+ | **SYSTEM** | 85 | Kernel, memory, TEE (QSEE/Mobicore/TEEGRIS/Trusty), SECCOMP, time, power, build properties, emulator detection, SIM status |
272
+ | **BLUETOOTH** | 83 | BLE/Classic, pairing, profiles (PAN, HFP, A2DP, HID, SPP, OPP, MAP), L2CAP, ATT, SMP, GAP, attack surfaces |
273
+ | **NETWORK** | 60 | Ports, WiFi, cellular, VPN, MQTT, CoAP, CAN bus, HL7, DICOM, active connections |
274
+ | **PRIVACY** | 47 | Biometrics, screen lock, location, sensors, clipboard, audio |
275
+ | **APPS** | 44 | Permissions, overlay attacks, installation sources, backup audit, dangerous perms |
276
+ | **BINARY_HARDENING** | 36 | PIE, NX, RELRO, stack canaries, stripped symbols, ASLR, kptr_restrict |
277
+ | **PARTITION** | 27 | dm-verity, OverlayFS, A/B slots, FBE/FDE, mount flags, block device permissions |
278
+ | **CERTIFICATE_AUDIT** | 25 | CA certificates, user certs, pinning bypass, keystore, expiry analysis |
279
+ | **SELINUX** | 25 | SELinux enforcement, policy, audit, context, boot flags |
280
+ | **POS_SECURITY** | 24 | PCI-DSS compliance, payment apps, kiosk mode, RAM scraper, NFC relay, PAX CVE |
281
+ | **STORAGE** | 24 | Filesystem, backup, encryption, partitions |
282
+ | **FORENSIC_INDICATORS** | 22 | Crash history, kernel panics, logcat anomalies, temp artifacts, clipboard forensics |
283
+ | **ATTESTATION** | 20 | SafetyNet/Play Integrity, Knox warranty bit, TIMA, RKP, Titan M, fs-verity, bypass detection |
284
+ | **AUTOMOTIVE** | 20 | Vehicle-specific checks, CAN bus, infotainment |
285
+ | **BOOT_SECURITY** | 20 | Verified boot, AVB, dm-verity, bootloader, integrity |
286
+ | **CRYPTOGRAPHY** | 18 | Encryption, keys, credentials, API keys, certificates |
287
+ | **MALWARE** | 18 | Root/Magisk/SuperSU, Frida, Xposed/LSPosed, RATs, keyloggers, memory scrapers, root cloaking |
288
+ | **CIS_BENCHMARK** | 17 | CIS Android Benchmark v1.6.0 controls (89% coverage) |
289
+ | **USB_SECURITY** | 16 | USB debugging, interfaces, serial ports, gadget mode |
290
+ | **CVE_INDICATORS** | 15 | Dirty Pipe, Bad Binder, Dirty COW, MTK-su, Exynos baseband, Mali GPU, kernel CVE ranges |
291
+ | **DEVICE_MANAGEMENT** | 13 | MDM, accounts, developer options |
292
+ | **INPUT** | 9 | Keyboards, accessibility, input methods |
293
+ | **MEDICAL** | 7 | Medical device-specific checks |
294
+ | **NFC_SECURITY** | 7 | NFC state, Android Beam, tap-to-pay, reader mode, secure element (eSE/UICC) |
295
+ | **ADB_SECURITY** | 4 | ADB keys, network ADB, debugging |
296
+
297
+ ---
298
+
299
+ ## HTML Report Features
300
+
301
+ The interactive HTML report includes:
302
+
303
+ - **Summary Dashboard** - Total checks, pass/fail counts, doughnut chart
304
+ - **Device Information** - Model, Android version, build, serial, security patch level
305
+ - **Collapsible Categories** - Click to expand/collapse each security area
306
+ - **Color-Coded Results** - Green=SAFE, Yellow=WARNING, Red=CRITICAL
307
+ - **Certificate Audit Table** - CA certificates with expiry dates and risk status
308
+ - **Search & Filter** - Find specific checks by keyword
309
+ - **Category Statistics** - Per-category breakdown of findings
310
+
311
+ ---
312
+
313
+ ## Extending HARDAX
314
+
315
+ ### Adding Custom Checks
316
+
317
+ Create or modify JSON files in the `commands/` directory:
318
+
319
+ ```json
320
+ {
321
+ "checks": [
322
+ {
323
+ "category": "CUSTOM",
324
+ "label": "My Custom Port Check",
325
+ "command": "netstat -tlnp 2>/dev/null | grep ':8080'",
326
+ "safe_pattern": "^$",
327
+ "level": "warning",
328
+ "description": "Check if port 8080 is open",
329
+ "empty_is_safe": true
330
+ }
331
+ ]
332
+ }
333
+ ```
334
+
335
+ ### JSON Check Fields
336
+
337
+ | Field | Required | Description |
338
+ |-------|----------|-------------|
339
+ | `category` | Yes | Category name (e.g. SYSTEM, NETWORK) |
340
+ | `label` | Yes | Human-readable check name |
341
+ | `command` | Yes | Shell command to run on device |
342
+ | `safe_pattern` | Yes | Regex pattern that indicates a safe result |
343
+ | `level` | Yes | Severity: `info`, `warning`, `critical` |
344
+ | `description` | Yes | What the check detects |
345
+ | `empty_is_safe` | No | If true, empty output = SAFE |
346
+ | `why` | No | Explanation of why this matters |
347
+ | `risk_if_fail` | No | What risk the failure represents |
348
+ | `nist_800_53` | No | Relevant NIST 800-53 control IDs |
349
+ | `id` | No | Unique check identifier (e.g. BT-001) |
350
+
351
+ ---
352
+
353
+ ## Project Structure
354
+
355
+ ```
356
+ HARDAX/
357
+ ├── pyproject.toml # Package metadata, dependencies, entry point
358
+ ├── README.md # This file
359
+ ├── LICENSE # MIT
360
+ └── hardax/ # The installable Python package
361
+ ├── __init__.py # Main engine (was hardax.py)
362
+ ├── __main__.py # Enables 'python -m hardax'
363
+ ├── templates/
364
+ │ └── report.html # Interactive HTML report template
365
+ └── commands/ # Security check definitions (706 checks, 25 categories)
366
+ ├── system.json # 85 checks - Kernel, TEE (QSEE/Mobicore/TEEGRIS/Trusty), SECCOMP, build, emulator
367
+ ├── bluetooth.json # 83 checks - BLE/Classic, pairing, all profiles
368
+ ├── network.json # 60 checks - Ports, WiFi, VPN, IoT protocols
369
+ ├── privacy.json # 47 checks - Biometrics, location, sensors
370
+ ├── apps.json # 44 checks - Permissions, overlay, backup, install
371
+ ├── binary_hardening.json # 36 checks - PIE, NX, RELRO, stack canaries, ASLR
372
+ ├── partition.json # 27 checks - dm-verity, A/B slots, FBE, mount flags
373
+ ├── certificate_audit.json # 25 checks - CA certs, expiry, MITM
374
+ ├── selinux.json # 25 checks - Enforcement, policy, audit
375
+ ├── pos_security.json # 24 checks - PCI-DSS, kiosk, NFC relay, PAX CVE
376
+ ├── storage.json # 24 checks - Encryption, partitions, backup
377
+ ├── forensic_indicators.json # 22 checks - Crashes, logcat, temp artifacts
378
+ ├── attestation.json # 20 checks - SafetyNet/Play Integrity, Knox, Titan M, bypass detection
379
+ ├── automotive.json # 20 checks - Vehicle, CAN bus, infotainment
380
+ ├── boot_security.json # 20 checks - Verified boot, AVB, dm-verity
381
+ ├── cryptography.json # 18 checks - Keystore, StrongBox, algorithms
382
+ ├── malware.json # 18 checks - Root, Frida, Xposed, RATs, scrapers
383
+ ├── cis_benchmark.json # 17 checks - CIS Android Benchmark v1.6.0
384
+ ├── usb_security.json # 16 checks - USB debug, MTP, gadget mode
385
+ ├── cve_indicators.json # 15 checks - Dirty Pipe, Bad Binder, MTK-su, kernel CVEs
386
+ ├── device_management.json # 13 checks - MDM, accounts, dev options
387
+ ├── input.json # 9 checks - Keyboards, accessibility, IME
388
+ ├── medical.json # 7 checks - Medical device-specific
389
+ ├── nfc_security.json # 7 checks - NFC, reader mode, secure element
390
+ └── adb_security.json # 4 checks - ADB keys, network ADB
391
+ ```
392
+
393
+ ---
394
+
395
+ ## Future Roadmap
396
+
397
+ - [ ] `--category` flag to run specific categories
398
+ - [ ] `--severity` flag to filter by level
399
+ - [ ] `--format json` for JSON output
400
+ - [ ] Exit codes for CI/CD integration
401
+ - [ ] CVE Correlation Engine
402
+ - [ ] Binary Hardening Analysis (ASLR, NX, PIE)
403
+ - [ ] HARDAX Risk Score (0-100)
404
+ - [ ] Save baseline configuration
405
+ - [ ] Diff reports between scans
406
+ - [ ] Device profiles (IoT/Automotive/Medical presets)
407
+ - [ ] CIS Android Benchmark full mapping
408
+ - [ ] OWASP MASVS/MSTG mapping
409
+ - [ ] NIST guidelines mapping
410
+ - [ ] Remediation suggestions
411
+ - [ ] Multi-device parallel scanning
412
+ - [ ] Web dashboard (Flask/FastAPI)
413
+ - [ ] Plugin architecture
414
+ - [ ] APK analysis integration
415
+ - [ ] Firmware extraction support