Home Hacking Droidefense: Advance Android Malware Analysis Framework

Droidefense: Advance Android Malware Analysis Framework

107
0
SHARE

Droidefense (originally named atom: analysis through observation machine)* is the codename for android apps/malware analysis/reversing tool. It was built focused on security issues and tricks that malware researcher have on them everyday work. For those situations on where the malware has anti-analysis routines, Droidefense attempts to bypass them in order to get to the code and ‘bad boy’ routine. Sometimes those techniques can be virtual machine detection, emulator detection, self-certificate checking, pipes detection. tracer pid check, and so on.

Droidefense

Droidefense uses an innovative idea in where the code is not decompiled rather than viewed. This allows us to get the global view of the execution workflow of the code with a 100% accuracy on gathered information. With this situation, Droidefensegenerates a fancy html report with the results for an easy understanding.

Download

Usage

java -jar droidefense-cli-1.0-SNAPSHOT.jar

________               .__    .___      _____                            
______ _______  ____ |__| __| _/_____/ ________   ____   ______ ____  
 |    |  _  __ /  _ |  |/ __ |/ __    __/ __  /     /  ___// __  
 |    `     | (  <_> )  / /_/   ___/|  |   ___/|   |  \___ \  ___/ 
/_______  /__|   ____/|______ |___  >__|  ___  >___|  /____  >___  >
        /                     /    /          /     /     /     / 


	* Current build: 			2017_12_05__12_07_01
	* Check out on Github: 			https://github.com/droidefense/
	* Report your issue: 			https://github.com/droidefense/engine/issues
	* Lead developer: 			@zerjioang

usage: droidefense
 -d,--debug                 print debugging information
 -h,--help                  print this message
 -i,--input <apk>           input .apk to be analyzed
 -o,--output <format>       select prefered output:
                            json
                            json.min
                            html
 -p,--profile               Wait for JVM profiler
 -s,--show                  show generated report after scan
 -u,--unpacker <unpacker>   select prefered unpacker:
                            zip
                            memapktool
 -v,--verbose               be verbose
 -V,--version               show current version information

 

Source: https://github.com

 

Read more…

 

 

LEAVE A REPLY

Please enter your comment!
Please enter your name here