EVABS – Extremely Vulnerable Android Labs

An open source Android application that is intentionally vulnerable so as to act as a learning platform for Android application security beginners. The effort is to introduce beginners with very limited or zero knowledge to some of the major and commonly found real-world based Android application vulnerabilities in a story-based, interactive model. EVABS follows a level-wise difficulty approach and in each level, the player learns a new concept. This project is still under progress and aims at incorporating as many levels as possible.
For complete details and solutions, head to the wiki.


  • Download the application file (apk).
  • Install it in an Android device (rooted recommended) or emulator.


or use ADHRIT (all-in-one tool)
Confused? Read the documentation on setting up the environment.


  • Flag checking module added within EVABS.
  • Alternatively, you can use this link to submit flags from your browser.
  • UI improvements


  • Clone the repository git clone https://github.com/abhi-r3v0/EVABS.git or download the zip.
  • Create a new folder EVABS in your “AndroidStudioProjects“` directory and move the contents to the new directory.
  • Fire up Android Studio, File -> open and select the project.
  • Go to Build -> Generate Signed APK.
  • Create a new signature, if it doesn’t exist. Sign the APK.
  • Install the APK using adb install EVABS.apk




Download EVABS

Anastasis Vasileiadis

PC Technical || Penetration Tester || Ethical Hacker || Cyber Security Expert || Cyber Security Analyst || Information Security Researcher || Malware analyst || Malware Investigator || Reverse Engineering

SC ProDefence SRL - Cyber Security Services