EVABS: Extremely Vulnerable Android Labs

EVABS (Extremely Vulnerable Android Labs)

An open source Android application that is intentionally vulnerable so as to act as a learning platform for Android application security beginners. The effort is to introduce beginners with very limited or zero knowledge to some of the major and commonly found real-world based Android application vulnerabilities in a story-based, interactive model. EVABS follows a level-wise difficulty approach and in each level, the player learns a new concept. This project is still under progress and aims at incorporating as many levels as possible.

It aims at helping Android security beginners with a CTF-style, story-based lab series. The application has 12 levels as of now, with the difficulty stepping-up linearly. Each level introduces the user to a particular vulnerability and gifts a flag if exploited successfully. At every level, the player is exposed to a different vulnerability which can be found in real-world applications.


  • Linux/MAC (Recommended)
  • Basic Java/Android programming
  • Android SDK + Studio
  • Android device (rooted)/Emulator

Install && Setting up the environment

Copyright (C) 2018 Abhi-r3v0