An easy method for setting up an Android Pentest Lab on an Apple Chip M1.

This blog aims to provide a simple method for setting up an Android pentest lab on M1 or M2. Despite encountering various writeups with different emulators, this guide focuses solely on an Android development kit-based lab.

A rooted environment is necessary to conduct security research in the Android lab. Using a non-Google Play store image when setting up the emulator is recommended, as Google does not support production builds to run in a rooted environment. However, there may be exceptions.

Path of the Android Emulator Binary

cd /Users/<user>/Library/Android/sdk/emulator

List the available AVDs

./emulator -list-avds

Run the Android Emulator

./emulator -avd <DeviceName>./emulator -avd AVD

Run with Proxy

./emulator -avd <DeviceName> -writable-system -http-proxy <ProxyIP>:<ProxyPort>./emulator -avd AVD -writable-system -http-proxy 192.168.100.245:8080

Run with ADB logs

./emulator -avd AVD -writable-system -http-proxy 192.168.0.104:8080 -logcat *To begin, open the Burp Suite Proxy tool.Please enable the listener on the correct IP address and port. Also, ensure that the proxy IP specified in the emulator command matches the IP and port enabled in Burp Suite.Access the mobile client's proxy IP and port or //burp and download the certificate.Install the certificate on the device.

Please let me know if there are any questions or corrections since I wrote this blog quickly.