The objectives of the study focus on:
- Defining the context and conceptual framework of the detection of the personal data communications in applications executed on an Android operating system.
- Demonstrating the elevated risk in the mobile application environment of leaks of personal data and the need to carry out an evaluation of data flows
- Studying the existing techniques for the detection and analysis of personal information flows in Android Applications.
εxodus is a privacy auditing platform for Android applications. It detects behaviors which can be dangerous for user privacy like ads, tracking, analytics, …
It can be run locally via https://github.com/exodus-privacy/exodus
Charles proxy is a web debugging proxy application for iOS.
I hope this is simpler than running things in an emulator, or installing a TLS-breaking man-in-the-middle proxy on the wifi access point.
Mobile Security Framework is an intelligent, all-in-one open source mobile application (Android/iOS/Windows) automated pen-testing framework capable of performing static, dynamic analysis and web API testing. https://opensecurity.in
I can’t vouch for the comprehensiveness or correctness of their results.