# droid-llm-hunter

> Droid LLM Hunter is a tool to scan for vulnerabilities in Android applications using Large Language Models (LLMs).

- **URL**: https://www.freshcrate.ai/projects/droid-llm-hunter
- **Author**: roomkangali
- **Category**: Developer Tools
- **Latest version**: `1.1.8` (2026-06-02)
- **License**: MIT
- **Source**: https://github.com/roomkangali/droid-llm-hunter
- **Language**: Python
- **GitHub**: 100 stars, 16 forks
- **Registry**: github
- **Tags**: `android`, `python`, `scanning-tool`, `vulnerability-scanners`

## Description

Droid LLM Hunter is a tool to scan for vulnerabilities in Android applications using Large Language Models (LLMs).

## Recent releases

| Version | Date | Urgency | Changes |
| --- | --- | --- | --- |
| `1.1.8` | 2026-06-02 | High | # Droid LLM Hunter — Update v1.1.8  > **BUGFIX UPDATE:** *"CLI Stability, JSON Parser Fix & Documentation Restructure"*  ---  ## 🐛 Bug Fixes  ### [1] `dlh.py` — `create_profile()` destroys `settings.yaml` 🔴 `CRITICAL`  **Problem:** `os.rename()` permanently deleted `settings.yaml` after profile creation, causing the tool to crash on the next run.  **Fix:** Safe backup-restore flow: Backup → Run wizard → Copy to profile → Restore original.  ---  ### [2] |
| `1.1.7` | 2026-05-08 | High | Droid LLM Hunter - Update v1.1.7 -------------------------------------------------------------------------------- MAJOR UPDATE: "The Supply Chain Hunter" + PoC Output Reliability Fix This update introduces a specialized "Library Hunter Mode" to detect malicious behavior, backdoors, and supply chain risks in third-party SDKs — alongside a reliability hotfix ensuring all generated PoC files are immediately executable without manual editing.  ----- 🔥 NEW FEATURES ----- 1. Library Hunter |
| `v1.0.0` | 2026-03-27 | Medium | # Droid LLM Hunter   **Droid LLM Hunter** is an automated security analysis tool designed to detect vulnerabilities in Android applications with high precision. By combining traditional static analysis (SAST) with the contextual understanding of **Large Language Models (LLMs)**, it bridges the gap between keyword-based scanning and human-like code review.  It supports **Hybrid Decompilation** (Smali/Java), **Context-Aware Analysis** (Call Graphs), and **Intelligent Risk Filtering**, ensuring |
| `1.1.6` | 2026-03-27 | Medium | # Droid LLM Hunter - Update v1.1.6  **MAJOR UPDATE: "CI/CD Hardening and GitHub Actions Maturity"**  This release is focused on the latest CI/CD pull request and its follow-up improvements. The goal is to make GitHub Actions integration more reliable, easier to adopt, and safer to operate across runner environments.  ## NEW FEATURES  ### 1. Dedicated GitHub Actions Integration Documentation - **What it does:** Adds a complete CI/CD guide under `examples/github-actions/` with production- |
| `1.1.5` | 2026-02-02 | Low | Droid LLM Hunter - Update v1.1.5 -------------------------------------------------------------------------------- MAJOR UPDATE: "The Hybrid Hunter" This update introduces comprehensive vulnerability coverage (9 New Rules) and a revolutionary Hybrid Architecture (Regex + LLM) for speed and efficiency.  ----- 🔥 NEW FEATURES ----- 1. 9 New Advanced Vulnerability Rules 🛡️    *   **What it does:** Expands the scanner's capability to detect high-impact, bug-bounty style vulnerabilities. |
| `1.1.4` | 2026-01-27 | Low | ----- Droid LLM Hunter - Update v1.1.4 ----- *   **OpenRouter Integration**:     *   Added full support for **OpenRouter** as an LLM provider.     *   You can now use ANY model supported by OpenRouter (e.g., `anthropic/claude-3.5-sonnet`, `meta-llama/llama-3-70b-instruct`) by simply setting `llm.provider: "openrouter"` in `settings.yaml`.     *   This unlocks access to hundreds of models without needing separate API keys for each provider.  ----- 🛠️ TECHNICAL CHANGES ----- *   `modul |
| `1.1.3` | 2026-01-24 | Low | # Droid LLM Hunter - Update v1.1.3  MAJOR UPDATE: "The Intelligent Hunter" This update introduces two critical capabilities: Logic (Cross-Component Chaining) and Focus (Smart Scope Filtering).  ----- 🔥 NEW FEATURES ----- 1. Cross-Component Chaining (The "Crown Jewel") 👑    *   **What it does:** Enables the AI to connect vulnerabilities across different files.    *   **Mechanism:** "Two-Pass Analysis"        - Phase 1 (Discovery): Scans all files, validating vulnerabilities without |
| `1.1.2` | 2026-01-21 | Low | # Droid LLM Hunter - Update v1.1.2  ## 🧠 Major Upgrade: Manifest-Aware Exploit Generation  This update brings "Static Analysis Intelligence" to the Auto-Exploit feature. The engine no longer "guesses" exploit parameters but extracts them directly from the `AndroidManifest.xml`.  ### 🌟 Key Features 1.  **Manifest-Aware Payload Injection** 🗺️:     *   **Context Injection**: The engine now parses the `AndroidManifest.xml` to find the exact *Intent Filters*, *Schemes*, *Hosts*, and *Permi |
| `1.1.1` | 2026-01-18 | Low | # Droid LLM Hunter - Update v1.1.1  ## Auto-Exploit Generation (PoC)  This update gives Droid LLM Hunter the ability to not just *find* vulnerabilities, but *prove* them by generating actionable Proof-of-Concept (PoC) scripts.  ### 🌟 Key Features 1.  **Smart Exploit Generation**:     *   The engine now analyzes confirmed vulnerabilities (`is_vulnerable: True`) and generates tailored exploit scripts.     *   **Dynamic Formats**: Automatically detects the attack vector and outputs t |
| `1.1.0` | 2026-01-15 | Low | # Droid LLM Hunter - Update v1.1.0  ## 🐳 Major Update: Official Docker Support  Announcing **Full Docker Support**, making Droid LLM Hunter truly **"Write Once, Run Anywhere"**. This update eliminates the dreaded "Dependency Hell" (Java versions, Python paths, Apktool setup) for users on Windows, Linux, and macOS.  ### Why Docker? *   **Zero Setup**: No need to manually install Python 3.11, Java 21, or Apktool. The container has everything pre-configured. *   **Cross-Platform**: Runs ex |

## Citation

- HTML: https://www.freshcrate.ai/projects/droid-llm-hunter
- Markdown: https://www.freshcrate.ai/projects/droid-llm-hunter.md
- Dependencies JSON: https://www.freshcrate.ai/api/projects/droid-llm-hunter/deps

_Generated by freshcrate.ai. Indexes github releases for AI-agent ecosystem packages._
