Manifest Explorer is a tool that can be used on any device using the Google Android operating system (OS). On Android, every application must have an AndroidManifest.xml file in its root directory. The AndroidManifest.xml files does a few things, which is all explained here. From a security perspective, the file is most interesting because it defines the permissions the application must have to other applications or protected parts of the API. The Manifest Explorer tool can be used to review the AndroidManifest.xml file, specifically the security permissions of the application, and the pen-tester a basic attack surface of the application. The attack surface is a critical starting point to understand security of the application and how it affects the mobile device itself.
Pre-Requisites: Mobile Device Running Google’s Android OS