LogoLogo
HomeArticlesCommunity ProductsPremium ProductsGitHubTalsec Website
  • 👋Introduction
  • 🛠️Integration
    • 🤖Android
      • API
      • Troubleshooting
    • 🍎iOS
      • API
      • Troubleshooting
    • 🐦Flutter
      • FlutterFlow
      • API
      • Troubleshooting
    • ⚛️React Native
      • Expo
      • API
      • Troubleshooting
    • 👾Cordova
      • API
      • Troubleshooting
    • 🪽Capacitor
      • API
      • Troubleshooting
  • 🚀Features and Pricing plans
    • The Key Differences: freeRASP vs. RASP+
  • 🎤What's New and Changelog
  • 📊Security Report
  • ⚖️User Data Policies
  • 📄License
  • 🤝Fair Usage Policy (FUP)
  • ℹ️Wiki
    • Getting Signing Certificate Hash
    • Callback Delay, Telemetry Impact, and Threat Scanning Completion Status
    • Threat detection
      • Detecting rooted or jailbroken devices
      • Emulator detection
      • Hook detection
      • App tampering detection
      • Debugger detection
      • Detecting unofficial installation
      • Device binding detection
      • Missing obfuscation detection [Android devices only]
      • Secure Hardware detection (Keystore/Keychain secure storage check)
      • Passcode
      • System VPN detection
      • Developer Mode detection [Android devices only]
      • ADB enabled detection [Android devices only]
      • Screen Capture
    • Source code obfuscation
    • isProd flag
  • 🦉FAQ
  • 🧑‍💻About Us
  • 🤝Contribution
Powered by GitBook
On this page

Was this helpful?

Export as PDF
  1. Wiki
  2. Threat detection

Developer Mode detection [Android devices only]

Android developer mode allows deeper system access and debugging capabilities that can bypass app security measures. Developer mode can enable settings that facilitate the installation of uncertified applications and the execution of potentially harmful code, posing significant risks to data integrity and app functionality. FreeRASP detects whether the developer mode is enabled.

Warning: This vulnerability is particularly critical on Android 12 and 13 devices with Developer Mode enabled. A local attacker with ADB shell access can execute arbitrary code within the context of any non-system app, granting them full access to the app’s private data files, AccountManager-stored credentials, and other privileged resources. This bypasses the Application Sandbox’s intended protections, which are designed to isolate app data even from device owners.

Below are code snippets demonstrating developer mode detection across various platforms:

// Android Developer mode detection
override fun onDeveloperModeDetected() {
    TODO("Not yet implemented")
}

// Flutter Developer mode detection
onDevMode: () => print("Developer mode detected")

// Cordova Developer mode detection
devMode: () => {
    // Place your reaction here
}

// React Native Developer mode detection
devMode: () => {
    // Place your reaction here
}

// Capacitor Developer mode detection
devMode: () => {
    // Place your reaction here
}

Recommended action: Log the event on your BE

PreviousSystem VPN detectionNextADB enabled detection [Android devices only]

Last updated 2 days ago

Was this helpful?

ℹ️