During your application security assessments, you may want to know what the attack surface of a given application is. drozer has a really neat module that helps you determine just that. In terms of this module, the attack surface for an application is simply the number of exported components.

How to do it...

Execute the following command from your drozer console:

dz> app.package.attacksurface [package name]

This command will list all the exported activities for a given package as determined by the package manager API.

As an example, you could try running it against a sample package as follows: