PrivacyTools.io
Auditor logo

Auditor

Open SourceAndroid
Official website attestation.app
GitHub ★ 666 Website
Screenshot of the Auditor website

Android app by GrapheneOS that uses hardware-backed attestation to verify the integrity and authenticity of a supported device and its operating system, confirming it has not been tampered with.

Our take

Auditor does something most security tools cannot: it gives you a cryptographic proof, not just a software assertion, that a device is running the OS it claims to run. Using Android’s hardware-backed keystore and verified boot chain, it lets one Android device audit another over QR codes, or run scheduled remote checks with email alerts. The catch is narrow hardware support - it works best with Pixel devices running GrapheneOS or stock Android, and the value only lands if you understand what attestation failure actually means. For GrapheneOS users, it is a natural companion that rounds out the trust model.

GitHub at a glance
GrapheneOS/Auditor
Stars
666
+ 0 this week
Last commit
16d ago
healthy
License
MIT
Latest release
92
21d ago
Stars, last 10d

Listed in

Device Integrity

Auditor alternatives

Mobile Verification Toolkit Command-line forensic tool developed by Amnesty International's Security Lab to analyze iOS and Android device backups and logs for indicators of compromise by mercenary spyware such as Pegasus.
iMazing iOS and iPadOS device manager for Windows and macOS that includes a free built-in spyware analyzer, powered by MVT detection logic, to scan a device backup for signs of compromise.
Auditor license, in plain English
MIT
Permissive

Do almost anything: use, change, and ship it, even inside closed-source products. The only condition is keeping the copyright notice.

Permits

  • Commercial use
  • Modification
  • Distribution
  • Private use

Requires

  • License and copyright notice

Does not provide

  • Liability cover
  • Warranty

Why it matters: Permissive licensing lets anyone reuse this, including inside closed products. That is freedom to build on, but no guarantee that downstream copies stay open.

Plain-language summary of the project's license, not legal advice. Read the full text for the exact terms.