Android Debug Bridge (ADB)
What is Android Debug Bridge (ADB)?
Android Debug Bridge (ADB)A command-line developer tool, part of the Android SDK, that lets a host computer communicate with an Android device or emulator over USB or TCP to install apps, read logs, and run shell commands.
ADB is built into Android for debugging and is enabled via Developer Options. It can install APKs, push and pull files, capture bug reports, and run a shell with the shell user's privileges. Modern Android requires an explicit fingerprint-confirmed authorization for any new ADB host key, but enabling ADB over the network (adb tcpip 5555) without auth has historically exposed thousands of devices on the open internet to drive-by cryptominers and worms such as ADB.Miner. ADB is also extensively used in mobile penetration testing and forensics. Best practice: keep ADB disabled on production devices, never accept unknown ADB keys, and restrict ADB over Wi-Fi to trusted networks.
● Examples
- 01
A pentester runs adb logcat to capture an app's runtime logs during a test.
- 02
ADB.Miner spread among devices that had left adb tcpip 5555 open on the public internet.
● Frequently asked questions
What is Android Debug Bridge (ADB)?
A command-line developer tool, part of the Android SDK, that lets a host computer communicate with an Android device or emulator over USB or TCP to install apps, read logs, and run shell commands. It belongs to the Mobile Security category of cybersecurity.
What does Android Debug Bridge (ADB) mean?
A command-line developer tool, part of the Android SDK, that lets a host computer communicate with an Android device or emulator over USB or TCP to install apps, read logs, and run shell commands.
How does Android Debug Bridge (ADB) work?
ADB is built into Android for debugging and is enabled via Developer Options. It can install APKs, push and pull files, capture bug reports, and run a shell with the shell user's privileges. Modern Android requires an explicit fingerprint-confirmed authorization for any new ADB host key, but enabling ADB over the network (adb tcpip 5555) without auth has historically exposed thousands of devices on the open internet to drive-by cryptominers and worms such as ADB.Miner. ADB is also extensively used in mobile penetration testing and forensics. Best practice: keep ADB disabled on production devices, never accept unknown ADB keys, and restrict ADB over Wi-Fi to trusted networks.
How do you defend against Android Debug Bridge (ADB)?
Defences for Android Debug Bridge (ADB) typically combine technical controls and operational practices, as detailed in the full definition above.
What are other names for Android Debug Bridge (ADB)?
Common alternative names include: adb, Debug bridge.
● Related terms
- mobile-security№ 948
Rooting (Android)
Gaining unrestricted superuser (root) privileges on an Android device, bypassing the protections enforced by the Linux kernel, SELinux, and the Android verified boot chain.
- mobile-security№ 694
Mobile App Security
The practice of designing, building, and testing iOS and Android applications to protect user data, prevent reverse engineering, and resist runtime tampering.
- mobile-security№ 047
Android Malware
Malicious software that targets the Android operating system, typically distributed through sideloaded APKs, dropper apps on Google Play, or compromised third-party stores.
- mobile-security№ 697
Mobile Device Management (MDM)
Software that lets an organization enroll, configure, monitor, and remotely wipe iOS, Android, macOS, and Windows endpoints from a central console.
- forensics-ir№ 698
Mobile Forensics
The forensic acquisition and analysis of smartphones, tablets, and wearables to extract communications, app data, location, and other artefacts.
- malware№ 917
Remote Access Trojan (RAT)
Malware that gives an attacker covert, interactive control of an infected device, similar to a hidden remote-administration tool.