Androguard v1.5 : Reverse engineering & Malware analysis of Android applications
Labels: Android, Malwares, Mobile, Reverse Engineering, Trojan
Androguard (Android Guard) is a tool written mainly in Python for working with:
- Dex (Dalvik virtual machine) (.dex) and ODex,
- APK (Android application) (.apk),
- Android's binary XML (.xml).
Androguard is available for Linux/Mac OS X/Windows (Python powered).
Changes in v1.5:
- Session (save/load)
- Annotation
- Documentation
- Support of ARM
- Support of dex writing
- Disassembler/Decompiler(DAD)
Androguard has the following features :
- Map and manipulate (disassemble/decompile/modify) DEX/ODEX/APK files into full Python objects,
- Access to the static analysis of your code (basic blocks, instructions, permissions (with database from http://www.android-permissions.org/) ...) and create your own static analysis tool,
- Check if an Android application is present in a database (malware, goodware?),
- Open source database of Android malware (this open source database is done in my free time; of course my free time is limited, so if you want to help, you are welcome!),
- Diffing of android applications,
- Measure the efficiency of obfuscators (proguard, ...),
- Determine if your application has been pirated (plagiarism/similarities/rip-off indicator),
- Detection of ad/open source libraries (WIP),
- Risk indicator of malicious application,
- Reverse engineering of applications (goodwares, malwares),
- Transform Android's binary xml (like AndroidManifest.xml) into classic xml,
- Visualize your application with gephi (gexf format), or with cytoscape (xgmml format), or PNG/DOT output,
- Integration with external decompilers (JAD/DED/...),
- Dump the JVM process to find classes in memory.
You can find the complete tutorial about usage here.
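To illustrate what mapping a DEX file into Python objects involves, the following added example (not Androguard's code and not its API) parses the fixed 0x70-byte DEX header with the standard library and checks the header's Adler-32 checksum and SHA-1 signature against the file contents. The names `DexHeader`, `parse_dex_header`, `integrity_problems` and `build_sample_dex` are hypothetical, and the sample file is constructed in the code.

```python
import hashlib
import struct
import zlib
from collections import namedtuple

# Field order follows the DEX header_item layout (0x70 bytes, little-endian).
DexHeader = namedtuple("DexHeader", [
    "magic", "checksum", "signature", "file_size", "header_size", "endian_tag",
    "link_size", "link_off", "map_off", "string_ids_size", "string_ids_off",
    "type_ids_size", "type_ids_off", "proto_ids_size", "proto_ids_off",
    "field_ids_size", "field_ids_off", "method_ids_size", "method_ids_off",
    "class_defs_size", "class_defs_off", "data_size", "data_off"])
HEADER_FMT = "<8sI20s20I"
HEADER_SIZE = struct.calcsize(HEADER_FMT)  # 112 == 0x70


def parse_dex_header(data):
    """Map the first 0x70 bytes of a .dex file onto a DexHeader object."""
    if len(data) < HEADER_SIZE:
        raise ValueError("truncated DEX header")
    hdr = DexHeader(*struct.unpack_from(HEADER_FMT, data))
    if not (hdr.magic.startswith(b"dex\n") and hdr.magic.endswith(b"\x00")):
        raise ValueError("bad DEX magic")
    return hdr


def integrity_problems(data):
    """Return the header fields that do not match the file contents."""
    hdr = parse_dex_header(data)
    problems = []
    if hdr.file_size != len(data):
        problems.append("file_size")
    # SHA-1 covers everything after the signature field (offset 32).
    if hashlib.sha1(data[32:]).digest() != hdr.signature:
        problems.append("signature")
    # Adler-32 covers everything after the checksum field (offset 12).
    if zlib.adler32(data[12:]) & 0xFFFFFFFF != hdr.checksum:
        problems.append("checksum")
    return problems


def build_sample_dex(body=b"\x00" * 16):
    """Constructed sample: a header with valid hashes over a dummy body."""
    tail = struct.pack("<20I", HEADER_SIZE + len(body), HEADER_SIZE,
                       0x12345678, *([0] * 17))
    sig = hashlib.sha1(tail + body).digest()
    csum = zlib.adler32(sig + tail + body) & 0xFFFFFFFF
    return b"dex\n035\x00" + struct.pack("<I", csum) + sig + tail + body
```

A `classes.dex` extracted from an APK can be passed to `integrity_problems` as bytes; a non-empty result means the file was modified after its header hashes were computed.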
Posted by Mohit Kumar at Friday, August 31, 2012
The Hacker News - Daily Updates